General

Malware Config

Signatures

Files

• 36b8ffd1ce553c07824f1cfd0597d7c2c483396fc9872910c684b68462c846c8

  .exe windows x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Code Sign

  29:b9:79:80:af:91:6f:ab:41:36:5f:d6:c3:fe:6c:be

  Certificate

  Issuer

  CN=NIKOLAS\\Anon

  Not Before

  02-05-2014 04:42

  Not After

  02-05-2015 10:42

  Subject

  CN=NIKOLAS\\Anon

  21:ee:24:cc:11:ed:53:3a:8e:98:a4:4d:35:5e:d7:8f:7c:ff:01:82

  Signer

  Actual PE Digest

  21:ee:24:cc:11:ed:53:3a:8e:98:a4:4d:35:5e:d7:8f:7c:ff:01:82

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=NIKOLAS\\Anon

  17-11-2022 13:15

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 390KB - Virtual size: 389KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 2KB - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ