General

Malware Config

Signatures

Files

• 3c57128b3c73bd6dc84d63f9322b4639857387a57ab156ed807524af2703eebb

  .exe windows x86

  
  

  Code Sign

  32:25:fb:5a:95:d0:75:82:45:45:99:be:4e:85:fb:b1

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2009 CA

  Not Before

  17-10-2009 16:00

  Not After

  18-10-2012 16:00

  Subject

  CN=Games Software Helper Tools

  23:35:a9:ef:3a:6f:3d:64:b1:cf:8d:1f:62:ad:bd:a0

  Certificate

  Issuer

  CN=VeriSign Class 3 Code Signing 2009 CA

  Not Before

  30-09-1999 16:00

  Not After

  16-07-2036 16:00

  Subject

  CN=VeriSign Class 3 Code Signing 2009 CA

  1f:c8:63:0a:ca:74:d4:e2:24:29:7d:72:67:c1:23:93:08:a8:ad:83

  Signer

  Actual PE Digest

  1f:c8:63:0a:ca:74:d4:e2:24:29:7d:72:67:c1:23:93:08:a8:ad:83

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Games Software Helper Tools

  17-11-2022 13:13

  Valid: false

  Headers

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LINE_NUMS_STRIPPED

  IMAGE_FILE_LOCAL_SYMS_STRIPPED

  IMAGE_FILE_32BIT_MACHINE

  Sections

  UPX0

  Size: - Virtual size: 208KB

  IMAGE_SCN_CNT_UNINITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  UPX1

  Size: 125KB - Virtual size: 128KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 4KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE