088e431500f13ad5f96af8079b2e6704440bef6810903ce7f760336e65d7cece

Sharing

Copy URL

Twitter E-mail

General

Target

088e431500f13ad5f96af8079b2e6704440bef6810903ce7f760336e65d7cece
Size

359KB
MD5

03c98c932377086d5be24c119ff01175
SHA1

0b93bd233ddc8c1cfb5886116f37fb7c1315a5ef
SHA256

088e431500f13ad5f96af8079b2e6704440bef6810903ce7f760336e65d7cece
SHA512

bf100d25e83e0043b9c86433968eb5f70395240c79428d51d7fb563ec14e99d394b3c753d7b2c6b686939e2a4f032baa726e9c1146eb526dd6da4ac6f7e80650
SSDEEP

6144:xtF0wPmBjrtRAlXlNa01/Fjm+qbtPeXCOmdsP1F9nb54ceKVwCsI:xt6wPmNrtR+3ae/RmIrv4wzv

Score

N/A

Malware Config

Signatures

Files

088e431500f13ad5f96af8079b2e6704440bef6810903ce7f760336e65d7cece
.exe windows x86

a34693e330390322626fbeaefa383438

Code Sign

4a:2b:b7:5d:24:7e:58:4f:bf:19:4f:9e:0c:a1:57:68
Certificate

Issuer

CN=222222 43353314141543252521253542344351143135531225435243421431212114553232242151452153545124212541541133341442541452542334344235152411245124433221441455215315155353512255443125334315423525124412232452335432351155533431234441522144254423455223242212551541542452155554555153222254335343423133535232352332252142544433343423112525254554143111535242331451122142325232523122324424323234241551222552351251234552252444133232315212512542511153151513345342542154412252311345231114534422315545515411535231452354241451 33333333

Not Before

23-11-2012 05:32

Not After

31-12-2039 23:59

Subject

CN=222222 43353314141543252521253542344351143135531225435243421431212114553232242151452153545124212541541133341442541452542334344235152411245124433221441455215315155353512255443125334315423525124412232452335432351155533431234441522144254423455223242212551541542452155554555153222254335343423133535232352332252142544433343423112525254554143111535242331451122142325232523122324424323234241551222552351251234552252444133232315212512542511153151513345342542154412252311345231114534422315545515411535231452354241451 33333333

Extended Key Usages

ExtKeyUsageCodeSigning

91:44:de:c9:29:59:ec:95:16:3f:d3:69:0e:e8:91:7e:91:d7:68:a6
Signer

Actual PE Digest

91:44:de:c9:29:59:ec:95:16:3f:d3:69:0e:e8:91:7e:91:d7:68:a6

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=222222 43353314141543252521253542344351143135531225435243421431212114553232242151452153545124212541541133341442541452542334344235152411245124433221441455215315155353512255443125334315423525124412232452335432351155533431234441522144254423455223242212551541542452155554555153222254335343423133535232352332252142544433343423112525254554143111535242331451122142325232523122324424323234241551222552351251234552252444133232315212512542511153151513345342542154412252311345231114534422315545515411535231452354241451 33333333

17-11-2022 13:15
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetTimeFormatW
GetDateFormatW
GetLocalTime
GetLocaleInfoW
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceExW
GetVersionExW
FormatMessageW
CreateEventW
ResetEvent
SetEvent
WaitForSingleObject
lstrcmpiA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LoadLibraryA
VirtualFree
VirtualAlloc
WriteFile
CreateProcessW
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
ExpandEnvironmentStringsW
lstrcpynW
GetFileAttributesW
UnmapViewOfFile
CloseHandle
ReadFile
SetLastError
GetCurrentThreadId
GetCurrentProcess
RaiseException
InterlockedExchange
GetStartupInfoW
GetModuleHandleA
RemoveDirectoryW
LocalAlloc
GetComputerNameW
GetVolumeNameForVolumeMountPointW
FindFirstFileW
FindNextFileW
FindClose
lstrcmpW
MoveFileW
DeleteFileW
SetFileAttributesW
FlushInstructionCache
GlobalAlloc
GlobalLock
GlobalUnlock
EnterCriticalSection
LeaveCriticalSection
GetShortPathNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
lstrlenA
GetWindowsDirectoryW
GetLastError
LoadLibraryW
GetProcAddress
FreeLibrary
HeapCreate
GetSystemInfo
GetModuleFileNameW
lstrcatW
HeapDestroy
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
lstrcpyW
lstrlenW
MultiByteToWideChar
GetSystemTimeAsFileTime
GetProcessHeap
HeapAlloc
HeapReAlloc
GetSystemDirectoryW
GetCPInfo
ExitProcess

user32

InvalidateRect
EndPaint
GetClientRect
BeginPaint
IsChild
GetFocus
SetFocus
ShowWindow
GetParent
RegisterClassExW
wsprintfW
LoadCursorW
GetClassInfoExW
CreateWindowExW
SetWindowPos
SendMessageW
MapWindowPoints
SystemParametersInfoW
GetWindowRect
GetWindow
LoadStringW
GetDesktopWindow
AdjustWindowRectEx
GetSystemMetrics
LoadImageW
MessageBoxW
ExitWindowsEx
SetForegroundWindow
FindWindowW
SetCursor
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
wvsprintfW
GetKeyState
IsWindow
CallWindowProcW
GetWindowLongW
SetWindowLongW
UnionRect
CharNextW
DestroyWindow
DefWindowProcW
ReleaseDC
GetDC
PtInRect
DestroyAcceleratorTable

gdi32

CreateRectRgnIndirect
CreateMetaFileW
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateDCW
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
GetDeviceCaps

msvcrt

realloc
_ftol
wcscmp
wcsstr
free
_wtoi
strtol
_wcsnicmp
_except_handler3
malloc
_purecall
wcschr
_controlfp
_onexit
__dllonexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_cexit
_XcptFilter
_exit
_c_exit
_wtol
wcsncmp
__CxxFrameHandler

advapi32

FreeSid
SetFileSecurityW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CloseServiceHandle
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegCreateKeyW
DeregisterEventSource
RegisterEventSourceW
RegQueryValueExW
OpenServiceW
OpenSCManagerW
QueryServiceConfigW
QueryServiceStatus
LsaClose
LsaOpenPolicy
LsaQueryInformationPolicy
ReportEventW
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoInitialize
CoUninitialize
OleRegEnumVerbs
OleRegGetUserType
CoRegisterClassObject
OleRegGetMiscStatus
CreateDataAdviseHolder
OleLoadFromStream
WriteClassStm
OleSaveToStream
CreateOleAdviseHolder
CoRevokeClassObject
CoTaskMemFree

shlwapi

SHDeleteValueW
SHGetValueW
StrCpyNW
PathGetArgsW
StrCmpIW
ChrCmpIW
StrToIntW
StrCmpNIW
PathFindFileNameW
PathRemoveFileSpecW
PathAppendW

Sections

.text
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a34693e330390322626fbeaefa383438

Code Sign

4a:2b:b7:5d:24:7e:58:4f:bf:19:4f:9e:0c:a1:57:68Certificate

Extended Key Usages

91:44:de:c9:29:59:ec:95:16:3f:d3:69:0e:e8:91:7e:91:d7:68:a6Signer

Signature Validations

Verification

17-11-2022 13:15 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

ole32

shlwapi

Sections

.text Size: 346KB - Virtual size: 345KB

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 432B

.reloc Size: 1KB - Virtual size: 1KB

4a:2b:b7:5d:24:7e:58:4f:bf:19:4f:9e:0c:a1:57:68
Certificate

91:44:de:c9:29:59:ec:95:16:3f:d3:69:0e:e8:91:7e:91:d7:68:a6
Signer

17-11-2022 13:15
Valid: false

.text
Size: 346KB - Virtual size: 345KB

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 432B

.reloc
Size: 1KB - Virtual size: 1KB