1a9384a6438b84f3eba845a64bf6f541ff317c14583db096a19e821c68aea396

Sharing

Copy URL Twitter E-mail

General

Target

1a9384a6438b84f3eba845a64bf6f541ff317c14583db096a19e821c68aea396
Size

291KB
MD5

0c8327c99d064323cb7feece87548837
SHA1

a3127b45338cf45079fdf9646eab297e85df1d20
SHA256

1a9384a6438b84f3eba845a64bf6f541ff317c14583db096a19e821c68aea396
SHA512

b96373382cbee4d5c309f3b6f286b07477a86b1070bc18fb6d7d3d477371cf1845848a1ca26d4a1e7f2abb7c6dcdfe5fbfec039ac7e93a30734fd4f9427a52d1
SSDEEP

3072:dBBBBBBB+pxW7gs5ArVXSMufZxMwxMKx4qbfefJ8OQT0VZhWtvVkp0DnAJPRNNBC:K8DmVXSMqXx4qTO8OQgOZLkPHFQ

Score

N/A

Malware Config

Signatures

Files

1a9384a6438b84f3eba845a64bf6f541ff317c14583db096a19e821c68aea396
.exe windows x86

2caf2dafc57f88a5b01f0b4d8773958b

Code Sign

43:b9:d4:ae:ed:20:c0:48:b6:8c:bf:55:ac:d8:90:e4
Certificate

Issuer

CN=19954213287579922673248951642579951833338429619984263244496337929139152632977919335341513133586843421771982248669268392116444899984341116227274927487793695

Not Before

25/01/2013, 06:12

Not After

31/12/2039, 23:59

Subject

CN=19954213287579922673248951642579951833338429619984263244496337929139152632977919335341513133586843421771982248669268392116444899984341116227274927487793695

Extended Key Usages

ExtKeyUsageCodeSigning

61:f0:90:11:2b:ec:3e:8d:e4:ff:39:8d:1b:e9:ec:9c:7a:15:99:6e
Signer

Actual PE Digest

61:f0:90:11:2b:ec:3e:8d:e4:ff:39:8d:1b:e9:ec:9c:7a:15:99:6e

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=19954213287579922673248951642579951833338429619984263244496337929139152632977919335341513133586843421771982248669268392116444899984341116227274927487793695

04/11/2022, 15:46
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
LoadLibraryA
VirtualAlloc

user32

ReleaseCapture
ReleaseDC
SendMessageW
SetCapture
SetCursor
SetDlgItemInt
RegisterClassW
SetWindowPos
SetWindowTextW
ShowCursor
ShowWindow
SystemParametersInfoW
UpdateWindow
WinHelpW
wsprintfW
PostQuitMessage
PostMessageW
MessageBoxW
MessageBeep
LoadStringW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsIconic
InvalidateRect
GetWindowRect
GetWindowDC
GetSystemMetrics
GetSysColor
GetMenu
GetDlgItemInt
GetDesktopWindow
GetDC
GetClientRect
FlashWindow
EndPaint
EnableMenuItem
DrawMenuBar
DialogBoxParamW
DefWindowProcW
CreateWindowExW
BeginPaint
SetTimer

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
TextOutW
StretchBlt
SetTextColor
SetRectRgn
SetPixel
SetBkColor
SelectObject
PatBlt
MoveToEx
LineTo
GetTextMetricsW
GetTextExtentPoint32W
GetStockObject
GetPixel
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreateICW
CreateFontIndirectW
BitBlt

advapi32

RegOpenKeyA

Sections

.text
Size: 274KB - Virtual size: 274KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata8
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2caf2dafc57f88a5b01f0b4d8773958b

Code Sign

43:b9:d4:ae:ed:20:c0:48:b6:8c:bf:55:ac:d8:90:e4Certificate

Extended Key Usages

61:f0:90:11:2b:ec:3e:8d:e4:ff:39:8d:1b:e9:ec:9c:7a:15:99:6eSigner

Signature Validations

Verification

04/11/2022, 15:46 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 274KB - Virtual size: 274KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 404B

.ata8 Size: 1024B - Virtual size: 1000B

.ata7 Size: 1024B - Virtual size: 1000B

.ata6 Size: 1024B - Virtual size: 1000B

.ata5 Size: 512B - Virtual size: 100B

.ata4 Size: 512B - Virtual size: 100B

.ata3 Size: 512B - Virtual size: 100B

.ata2 Size: 512B - Virtual size: 100B

.rsrc Size: 3KB - Virtual size: 2KB

43:b9:d4:ae:ed:20:c0:48:b6:8c:bf:55:ac:d8:90:e4
Certificate

61:f0:90:11:2b:ec:3e:8d:e4:ff:39:8d:1b:e9:ec:9c:7a:15:99:6e
Signer

04/11/2022, 15:46
Valid: false

.text
Size: 274KB - Virtual size: 274KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 404B

.ata8
Size: 1024B - Virtual size: 1000B

.ata7
Size: 1024B - Virtual size: 1000B

.ata6
Size: 1024B - Virtual size: 1000B

.ata5
Size: 512B - Virtual size: 100B

.ata4
Size: 512B - Virtual size: 100B

.ata3
Size: 512B - Virtual size: 100B

.ata2
Size: 512B - Virtual size: 100B

.rsrc
Size: 3KB - Virtual size: 2KB