46d55c0f9b4a86890ce08b736be10a8e79bccd552b7e8c3ba8ea7da17dccfb29

Sharing

Copy URL

Twitter E-mail

General

Target

46d55c0f9b4a86890ce08b736be10a8e79bccd552b7e8c3ba8ea7da17dccfb29
Size

158KB
MD5

34926506fefc6f5ebace4672d93af6ba
SHA1

4afaa8fe82b71906acf06cb2d7e52de160df2e85
SHA256

46d55c0f9b4a86890ce08b736be10a8e79bccd552b7e8c3ba8ea7da17dccfb29
SHA512

cd600ea51963756703a7c438c0d8c2d4adc06d5dd5d4521baea6335f8e8c5ca9c1b6f66d6c7ae0d24d7d9c841588944fadf23375555368422f50adf6527baac5
SSDEEP

3072:FZefcXfiFuibp8/6im+9eJAtp2Ll7JvAGk2ck:FZeEXfiLpAmAtpWMzk

Score

N/A

Malware Config

Signatures

Files

46d55c0f9b4a86890ce08b736be10a8e79bccd552b7e8c3ba8ea7da17dccfb29
.exe windows x86

7d81fc86fc0c2dc73376c17f5300a5dc

Code Sign

07:3e:67:ed:3a:f3:73:aa:48:cb:03:d6:e2:8d:c7:5f
Certificate

Issuer

CN=89756921684192352516791714489496594428982643764623228624341458968333424858821947431637249651675559255788234643837523128782722816276564479451987121518563449

Not Before

21-01-2013 04:10

Not After

31-12-2039 23:59

Subject

CN=89756921684192352516791714489496594428982643764623228624341458968333424858821947431637249651675559255788234643837523128782722816276564479451987121518563449

Extended Key Usages

ExtKeyUsageCodeSigning

25:76:70:c5:81:bf:84:57:a5:7d:05:d2:ae:a5:e8:39:e7:37:ec:5b
Signer

Actual PE Digest

25:76:70:c5:81:bf:84:57:a5:7d:05:d2:ae:a5:e8:39:e7:37:ec:5b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=89756921684192352516791714489496594428982643764623228624341458968333424858821947431637249651675559255788234643837523128782722816276564479451987121518563449

17-11-2022 13:18
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
GetCommandLineA
ExitProcess
VirtualAllocEx
SetUnhandledExceptionFilter
GetCommandLineW
GetModuleHandleW
WideCharToMultiByte
VirtualAlloc
VirtualFree
GetTempFileNameA
GetWindowsDirectoryA
FileTimeToSystemTime
ExpandEnvironmentStringsA
SearchPathA
GetTempPathA
GetFileAttributesA
CopyFileA
CreateFileA
DeleteFileA
CompareFileTime
CompareStringA
GetLocaleInfoW
FormatMessageA
GetSystemTime
IsBadStringPtrA
IsBadStringPtrW
IsBadWritePtr
ResumeThread
TerminateThread
WaitForMultipleObjects
GetSystemDefaultLCID
lstrcpyW
SetLastError
FlushInstructionCache
lstrcmpiA
lstrcmpA
SetFilePointer
MoveFileExW
SetErrorMode
CreateFileMappingA
CreateMutexA
DuplicateHandle
CreateProcessW
ReleaseMutex
GlobalLock
GlobalUnlock
VirtualQuery
GetSystemInfo
GetVersion
VirtualProtect
FindClose
MoveFileW
LocalAlloc
IsDBCSLeadByteEx
GlobalAlloc
SetThreadLocale
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
LocalFree
OpenEventW
SetEvent
ResetEvent
DeleteFileW
CompareStringW
WriteFile
lstrcpynW
lstrcmpW
lstrlenW
lstrcmpiW
CreateFileW
GetLastError
GetFileSize
MultiByteToWideChar
LoadLibraryW
GetProcAddress
FreeLibrary
GetTickCount
lstrlenA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
Sleep
CreateEventW
CreateThread
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThread
FindResourceA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
GetVersionExW

user32

LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
GetClientRect
PostQuitMessage
DefWindowProcA
LoadCursorW
SetCursor
DialogBoxParamW
GetForegroundWindow
SetForegroundWindow
EndDialog
GetWindowTextW
SetWindowTextW
SetFocus
SetTimer
GetDlgItem
SendMessageW
GetWindowRect
MapDialogRect
PostMessageW
KillTimer
MessageBoxA
MessageBoxW
CharLowerW

gdi32

GetStockObject
CreateEnhMetaFileA
Rectangle
MoveToEx
LineTo
CloseEnhMetaFile
PlayEnhMetaFile
DeleteEnhMetaFile

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegEnumValueW
RegDeleteKeyW
GetUserNameW
RegDeleteValueW

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7d81fc86fc0c2dc73376c17f5300a5dc

Code Sign

07:3e:67:ed:3a:f3:73:aa:48:cb:03:d6:e2:8d:c7:5fCertificate

Extended Key Usages

25:76:70:c5:81:bf:84:57:a5:7d:05:d2:ae:a5:e8:39:e7:37:ec:5bSigner

Signature Validations

Verification

17-11-2022 13:18 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 15KB - Virtual size: 15KB

.rdata Size: 121KB - Virtual size: 121KB

.data Size: 14KB - Virtual size: 13KB

.reloc Size: 1024B - Virtual size: 732B

07:3e:67:ed:3a:f3:73:aa:48:cb:03:d6:e2:8d:c7:5f
Certificate

25:76:70:c5:81:bf:84:57:a5:7d:05:d2:ae:a5:e8:39:e7:37:ec:5b
Signer

17-11-2022 13:18
Valid: false

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 121KB - Virtual size: 121KB

.data
Size: 14KB - Virtual size: 13KB

.reloc
Size: 1024B - Virtual size: 732B