SecuriteInfo[.]com[.]FileRepMalware[.]3448[.]20129[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.FileRepMalware.3448.20129.exe
Size

496KB
MD5

e17346c3b108758d0f48edea05141f5c
SHA1

b3f0fa611677173542200fd0a224b7c2e3044334
SHA256

b7e92d265fdd0270af89a0fa97f59a8e41bc318ef4800ec263e42ca60a79b8b9
SHA512

8f35d50cb3ae6b82621de6265316e3d071193bb94176170ba240161eb6e8e5c06f240d6359da9b3fda8000101f33a3faf3aa05d985bf51dde82be2d79fa32779
SSDEEP

12288:Ng934fhIU1ZR0UR0UR0UR0UR0UR01R03R0UR0UR0MeR05R0X:69OVVVVVEKVVZGMs

Score

N/A

Malware Config

Signatures

Files

SecuriteInfo.com.FileRepMalware.3448.20129.exe
.exe windows x64

Code Sign

0a:19:e8:5f:85:39:32:8a:70:be:16:77:31:0f:39:fd
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

22-02-2018 00:00

Not After

22-02-2019 23:59

Subject

CN=Capricorn Identity Services Pvt. Ltd.,O=Capricorn Identity Services Pvt. Ltd.,POSTALCODE=110092,STREET=Laxmi Nagar District Center\,+STREET=G-5\, Vikas Deep Building\, Plot-18\,,L=Delhi,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

93:4d:3d:ac:ba:4c:0a:00:96:31:75:4f:ce:4c:a0:5f:18:a0:95:a4:f0:cf:84:de:47:b6:03:b3:72:c4:31:61
Signer

Actual PE Digest

93:4d:3d:ac:ba:4c:0a:00:96:31:75:4f:ce:4c:a0:5f:18:a0:95:a4:f0:cf:84:de:47:b6:03:b3:72:c4:31:61

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Capricorn Identity Services Pvt. Ltd.,O=Capricorn Identity Services Pvt. Ltd.,POSTALCODE=110092,STREET=Laxmi Nagar District Center\,+STREET=G-5\, Vikas Deep Building\, Plot-18\,,L=Delhi,C=IN

04-07-2018 12:19
Valid: true

Chain 1

CN=Capricorn Identity Services Pvt. Ltd.,O=Capricorn Identity Services Pvt. Ltd.,POSTALCODE=110092,STREET=Laxmi Nagar District Center\,+STREET=G-5\, Vikas Deep Building\, Plot-18\,,L=Delhi,C=IN

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

*4Fx%8P
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

0a:19:e8:5f:85:39:32:8a:70:be:16:77:31:0f:39:fdCertificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

93:4d:3d:ac:ba:4c:0a:00:96:31:75:4f:ce:4c:a0:5f:18:a0:95:a4:f0:cf:84:de:47:b6:03:b3:72:c4:31:61Signer

Signature Validations

Verification

04-07-2018 12:19 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Sections

*4Fx%8P Size: 128KB - Virtual size: 128KB

.text Size: 337KB - Virtual size: 337KB

.rsrc Size: 24KB - Virtual size: 23KB

0a:19:e8:5f:85:39:32:8a:70:be:16:77:31:0f:39:fd
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

93:4d:3d:ac:ba:4c:0a:00:96:31:75:4f:ce:4c:a0:5f:18:a0:95:a4:f0:cf:84:de:47:b6:03:b3:72:c4:31:61
Signer

04-07-2018 12:19
Valid: true

*4Fx%8P
Size: 128KB - Virtual size: 128KB

.text
Size: 337KB - Virtual size: 337KB

.rsrc
Size: 24KB - Virtual size: 23KB