d52ccc7622d7014895bf80e695a198c46766637c8a5fbe8c37fd3b61cb281a8e

Sharing

Copy URL

Twitter E-mail

General

Target

d52ccc7622d7014895bf80e695a198c46766637c8a5fbe8c37fd3b61cb281a8e
Size

454KB
MD5

9bbc69cd7ea58b96a48245c40d9e34c7
SHA1

1ecacc4eab6eb0eba56d25716ddb72abb04d5d21
SHA256

d52ccc7622d7014895bf80e695a198c46766637c8a5fbe8c37fd3b61cb281a8e
SHA512

62d50a5134170fdbc7bda42ce14b5bf5afbea512dfb6fcd3564ad24754c6ce708ee30baa76e13bf493a26ec795ccc9b61730503ddacf131e0737ce38bf440502
SSDEEP

6144:QsYXLfUky78BO4cBvkeep6lWVEG6YsMo9SDFxu+f6Eo3ulgm35qaX:B+Ls9hvwp6UVh/4903f7Cub5qaX

Score

N/A

Malware Config

Signatures

Files

d52ccc7622d7014895bf80e695a198c46766637c8a5fbe8c37fd3b61cb281a8e
.exe windows x86

b50d00de63a885d6a7d0fabea9f89b2e

Code Sign

38:0d:94:a9:92:24:66:b4:43:b0:8f:3c:24:1e:25:59
Certificate

Issuer

CN=qwepxWYyfj11Mqg8WGOeKXYmrIkvFxM8yfWKoInNRu9lvqDJaEpadDuRuQQTxagzSSresNHsApRpuhIs72WMVBzYIEPwLoO7ETzt9lS4XFE2vQaHSKNkoNQ8ZIHmKlkwOM9oXXcZdSTjwxXCgQclcBjyRGODZGYnV3OaCRmnbIRECizaBmfF7XniwfpRdErZefcgXKs6pQMG5zP51k1q4nQ8N4BScWJvBXMrYS4S5ZJninXQbStX8QYEeUuJYPkOAOZIQ13aZTJVRgENu9rZyUndXw1OH94Bps8qQsMeGmGSugWYXgIsID4XOH2LEcdkTy

Not Before

08-11-2012 17:35

Not After

31-12-2039 23:59

Subject

CN=qwepxWYyfj11Mqg8WGOeKXYmrIkvFxM8yfWKoInNRu9lvqDJaEpadDuRuQQTxagzSSresNHsApRpuhIs72WMVBzYIEPwLoO7ETzt9lS4XFE2vQaHSKNkoNQ8ZIHmKlkwOM9oXXcZdSTjwxXCgQclcBjyRGODZGYnV3OaCRmnbIRECizaBmfF7XniwfpRdErZefcgXKs6pQMG5zP51k1q4nQ8N4BScWJvBXMrYS4S5ZJninXQbStX8QYEeUuJYPkOAOZIQ13aZTJVRgENu9rZyUndXw1OH94Bps8qQsMeGmGSugWYXgIsID4XOH2LEcdkTy

Extended Key Usages

ExtKeyUsageCodeSigning

18:74:98:cb:1f:ff:3b:70:8b:98:1b:7f:58:8a:1f:63:0d:99:97:dc
Signer

Actual PE Digest

18:74:98:cb:1f:ff:3b:70:8b:98:1b:7f:58:8a:1f:63:0d:99:97:dc

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=qwepxWYyfj11Mqg8WGOeKXYmrIkvFxM8yfWKoInNRu9lvqDJaEpadDuRuQQTxagzSSresNHsApRpuhIs72WMVBzYIEPwLoO7ETzt9lS4XFE2vQaHSKNkoNQ8ZIHmKlkwOM9oXXcZdSTjwxXCgQclcBjyRGODZGYnV3OaCRmnbIRECizaBmfF7XniwfpRdErZefcgXKs6pQMG5zP51k1q4nQ8N4BScWJvBXMrYS4S5ZJninXQbStX8QYEeUuJYPkOAOZIQ13aZTJVRgENu9rZyUndXw1OH94Bps8qQsMeGmGSugWYXgIsID4XOH2LEcdkTy

17-11-2022 13:17
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
GetVersionExW
LoadLibraryW
GetProcAddress
FreeLibrary
InterlockedIncrement
lstrcmpW
lstrcpyW
MulDiv
SetLastError
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
FormatMessageW
LocalFree
InterlockedDecrement
lstrlenW
SetFilePointer
DebugBreak
LocalAlloc
GetVolumeInformationW
MapViewOfFileEx
CreateFileMappingW
GetPrivateProfileIntW
GetPrivateProfileStringW
SetEndOfFile
OutputDebugStringW
GetExitCodeThread
ResetEvent
GetVolumeNameForVolumeMountPointW
DeviceIoControl
WaitForMultipleObjects
PostQueuedCompletionStatus
ReadDirectoryChangesW
GetOverlappedResult
GetQueuedCompletionStatus
CreateIoCompletionPort
GetDiskFreeSpaceW
GetFileSizeEx
SetFilePointerEx
VirtualAlloc
VirtualFree
LoadLibraryA
HeapAlloc
GetProcessHeap
HeapFree
GetVersion
HeapDestroy
IsBadWritePtr
WinExec
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GlobalSize
GetFileAttributesExW
SetFileAttributesW
RemoveDirectoryW
ReadFile
SetThreadExecutionState
GetUserDefaultLCID
IsBadReadPtr
GetThreadLocale
CreateThread
GetSystemTimeAsFileTime
GetCPInfo
CreateFileW
ExitProcess

gdi32

ExcludeClipRect
GetDIBits
GetObjectA
TextOutW
Polygon
CombineRgn
SetRectRgn
CreateRectRgnIndirect
GetClipBox
DPtoLP
GetLayout
CreateRectRgn
StretchBlt
SelectClipRgn
ExtTextOutW
Rectangle
SetViewportOrgEx
SetROP2
GetNearestColor
CreatePen
CreateDCW
GetCurrentObject
RestoreDC
LineTo
LPtoDP
SetWindowOrgEx
SetMapMode
SaveDC
MoveToEx
GetTextMetricsW
GetTextExtentPoint32W
CreateSolidBrush
GetStockObject
GetDeviceCaps
CreateDIBSection
CreateCompatibleBitmap
SetBrushOrgEx
CreateFontIndirectW
SetBkMode
CreateCompatibleDC
BitBlt
CreateBitmap
CreatePatternBrush
SelectObject
PatBlt
DeleteDC
DeleteObject
GetObjectW
SetBkColor
SetTextColor

msvcrt

_ftol
realloc
malloc
free
wcscmp
_purecall
memmove
wcsstr
_wcsicmp
_snwprintf
wcsrchr
_wfullpath
iswspace
_wtoi
ceil
wcscat
wcsncpy
_wfopen
fclose
fgetc
fread
ftell
fseek
isprint
strncpy
tolower
_vsnwprintf
iswctype
_wtol
isdigit
wcsncmp
_strnicmp
vswprintf
iswdigit
wcsncat
_wcsnicmp
swprintf
wcscpy
wcslen
_endthreadex
calloc
_beginthreadex
srand
time
qsort
wcschr
_wcsrev
sprintf
wcspbrk
rand
_stricmp
ctime
swscanf
_c_exit
_exit
__CxxFrameHandler
_XcptFilter
_cexit
exit
_controlfp
_onexit
__dllonexit
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln

advapi32

RegOpenKeyW

Sections

.text
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b50d00de63a885d6a7d0fabea9f89b2e

Code Sign

38:0d:94:a9:92:24:66:b4:43:b0:8f:3c:24:1e:25:59Certificate

Extended Key Usages

18:74:98:cb:1f:ff:3b:70:8b:98:1b:7f:58:8a:1f:63:0d:99:97:dcSigner

Signature Validations

Verification

17-11-2022 13:17 Valid: false

Headers

File Characteristics

Imports

kernel32

gdi32

msvcrt

advapi32

Sections

.text Size: 444KB - Virtual size: 443KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 496B

.reloc Size: 1024B - Virtual size: 924B

38:0d:94:a9:92:24:66:b4:43:b0:8f:3c:24:1e:25:59
Certificate

18:74:98:cb:1f:ff:3b:70:8b:98:1b:7f:58:8a:1f:63:0d:99:97:dc
Signer

17-11-2022 13:17
Valid: false

.text
Size: 444KB - Virtual size: 443KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 496B

.reloc
Size: 1024B - Virtual size: 924B