303ef0a3edb981f14b06a165d9412507129c33279d580f19b3a5c13bb9959a58

Sharing

Copy URL Twitter E-mail

General

Target

303ef0a3edb981f14b06a165d9412507129c33279d580f19b3a5c13bb9959a58
Size

315KB
MD5

0d547a14012a7cdc68355a38503c943d
SHA1

acc1a31f447562dbdacec7d65e32ea04ac4bbda7
SHA256

303ef0a3edb981f14b06a165d9412507129c33279d580f19b3a5c13bb9959a58
SHA512

faadf91b0012bcea6fe62e2197ab6e316b6329b8bf59062faab7347d4e8ec0e1c0e628c8185f2e5605b6c9064fa54e6390806a769f108409a3f31d0021f56682
SSDEEP

6144:RD7cT4nzQPSqzXXfydn3nozW5TFYkI4uLZMGLv+xxxxxxxxxxxxxxxxngxxxxxxs:dwT4zQPRH6dn34y3IbnLGxxxxxxxxxx5

Score

N/A

Malware Config

Signatures

Files

303ef0a3edb981f14b06a165d9412507129c33279d580f19b3a5c13bb9959a58
.exe windows x86

d5c789d4e602030ee7b0f0ab6b74258f

Code Sign

01:64:9b:a0:74:6d:08:53:b3:3d:20:74:9e:05:b0:30
Certificate

Issuer

CN=CrZvMFNeGbO2FBAdLGSwKOYytbbzrF

Not Before

02/05/2012, 06:07

Not After

31/12/2039, 23:59

Subject

CN=CrZvMFNeGbO2FBAdLGSwKOYytbbzrF

Extended Key Usages

ExtKeyUsageCodeSigning

a2:4b:be:ae:f1:ab:e4:ca:10:a1:a9:d2:34:3c:38:ec:61:0c:69:ed
Signer

Actual PE Digest

a2:4b:be:ae:f1:ab:e4:ca:10:a1:a9:d2:34:3c:38:ec:61:0c:69:ed

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=CrZvMFNeGbO2FBAdLGSwKOYytbbzrF

24/11/2022, 14:54
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
GetWindowsDirectoryW
lstrcatW
CreateFileW

user32

InvalidateRect
GetDC
ReleaseDC
BeginPaint
LoadCursorA
SetCursor
ShowCursor
EndPaint
PostQuitMessage
DefWindowProcA

gdi32

SetPixel
LineTo

advapi32

RegOpenKeyA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.z2
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.z3
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.z
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5c789d4e602030ee7b0f0ab6b74258f

Code Sign

01:64:9b:a0:74:6d:08:53:b3:3d:20:74:9e:05:b0:30Certificate

Extended Key Usages

a2:4b:be:ae:f1:ab:e4:ca:10:a1:a9:d2:34:3c:38:ec:61:0c:69:edSigner

Signature Validations

Verification

24/11/2022, 14:54 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 2KB - Virtual size: 2KB

.z2 Size: 512B - Virtual size: 4B

.data Size: 1024B - Virtual size: 996B

.z3 Size: 512B - Virtual size: 4B

.z Size: 307KB - Virtual size: 307KB

.rsrc Size: 1024B - Virtual size: 968B

.reloc Size: 512B - Virtual size: 168B

01:64:9b:a0:74:6d:08:53:b3:3d:20:74:9e:05:b0:30
Certificate

a2:4b:be:ae:f1:ab:e4:ca:10:a1:a9:d2:34:3c:38:ec:61:0c:69:ed
Signer

24/11/2022, 14:54
Valid: false

.text
Size: 2KB - Virtual size: 2KB

.z2
Size: 512B - Virtual size: 4B

.data
Size: 1024B - Virtual size: 996B

.z3
Size: 512B - Virtual size: 4B

.z
Size: 307KB - Virtual size: 307KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 512B - Virtual size: 168B