2633de9da8f0901bf3647dde733697e4428fabf0c3a63e4206a4d098b129d121

Sharing

Copy URL Twitter E-mail

General

Target

2633de9da8f0901bf3647dde733697e4428fabf0c3a63e4206a4d098b129d121
Size

1.5MB
MD5

0d1a06a5763e1acbd9a36fb5bfb69e21
SHA1

cb93945736aae950ae59b6007232e6d48f123b27
SHA256

2633de9da8f0901bf3647dde733697e4428fabf0c3a63e4206a4d098b129d121
SHA512

5d17b4e80e38ef4b080b3fc8e60e6e07d5468c08d6573d4bfe7b0d2d30eef354acb8bb33b7997308cd8ce9f90c097fe4c8f07e75a5de0445caaa27bc6b663c1d
SSDEEP

24576:7/wpewTnSHEwpeNQlCkVYiJ8lMvLnrAeI4RRlcdEDS6TyavTsZ0VKFJMM50WMA6x:7YpecnSzpeNvk5JDoiRlX3LdVMFXf+

Score

N/A

Malware Config

Signatures

Files

2633de9da8f0901bf3647dde733697e4428fabf0c3a63e4206a4d098b129d121
.exe windows x64

bc71c68643fccdb9e85ed29a10e8506f

Code Sign

65:e7:85:ab:28:00:79:94:47:50:6b:d9:f1:fc:72:f0
Certificate

Issuer

CN=Logitech Z-906 Template COM

Not Before

19/11/2022, 18:43

Not After

20/11/2032, 18:43

Subject

CN=Logitech Z-906 Template COM

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6b:51:8b:97:59:91:ef:32:f4:d7:a8:f0:66:29:59:15:62:62:08:ed:b7:79:f3:65:3b:5c:ce:b5:c0:e4:68:13
Signer

Actual PE Digest

6b:51:8b:97:59:91:ef:32:f4:d7:a8:f0:66:29:59:15:62:62:08:ed:b7:79:f3:65:3b:5c:ce:b5:c0:e4:68:13

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Logitech Z-906 Template COM

17/11/2022, 13:15
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

PathMakeUniqueName

mscoree

_CorExeMain

advapi32

GetUserNameA

user32

BeginPaint

kernel32

GetModuleHandleA

Sections

Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 663KB - Virtual size: 663KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc71c68643fccdb9e85ed29a10e8506f

Code Sign

65:e7:85:ab:28:00:79:94:47:50:6b:d9:f1:fc:72:f0Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

6b:51:8b:97:59:91:ef:32:f4:d7:a8:f0:66:29:59:15:62:62:08:ed:b7:79:f3:65:3b:5c:ce:b5:c0:e4:68:13Signer

Signature Validations

Verification

17/11/2022, 13:15 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

shell32

mscoree

advapi32

user32

kernel32

Sections

Size: - Virtual size: 1.3MB

.rsrc Size: 663KB - Virtual size: 663KB

Size: 93KB - Virtual size: 92KB

65:e7:85:ab:28:00:79:94:47:50:6b:d9:f1:fc:72:f0
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

6b:51:8b:97:59:91:ef:32:f4:d7:a8:f0:66:29:59:15:62:62:08:ed:b7:79:f3:65:3b:5c:ce:b5:c0:e4:68:13
Signer

17/11/2022, 13:15
Valid: false

.rsrc
Size: 663KB - Virtual size: 663KB