3575521d5b351f587479066829cd799967824a443f8b04531f70edd7d1a2ffc2

Sharing

Copy URL Twitter E-mail

General

Target

3575521d5b351f587479066829cd799967824a443f8b04531f70edd7d1a2ffc2
Size

44KB
MD5

27111ccdea18185f6a3445bacb5aa9ef
SHA1

177ebf4e335b899287ed7b6e5dabc82ecac512c3
SHA256

3575521d5b351f587479066829cd799967824a443f8b04531f70edd7d1a2ffc2
SHA512

2918231ff012c647d956345fa9755767bfef9f65a5453182513c06e416cc9f9253098542aca3efe7c9e73dffa700fd22eb155eb60dfab90f25a3e441051d86cc
SSDEEP

768:KzbnHtvgXT30XpU6URhEVzMNd0gthJD0OphpKpSpnv4CkDZ:K3HJg4ZPCEEtD06vQ

Score

N/A

Malware Config

Signatures

Files

3575521d5b351f587479066829cd799967824a443f8b04531f70edd7d1a2ffc2
.exe windows x86

aba3d42531a2a732fc90b309c6cd5706

Code Sign

48:a8:43:d4:ca:72:fa:88:4a:e0:47:5b:2b:d2:d3:42
Certificate

Issuer

CN=rzvsqzsjsrmx4sl5pxp5zwk8mzotsrkwj6yntx59o4v5hlopyvrqx6rzoornilqoxk9rjyqjzphjuwv7yt49wy69h8t47j9qoinxjo4758iqnprsui7xyj8v8nivuxz7nrtp55nzv5o8sz6kokn9rzztsh6z7lh7um6o9q4k8suw5hx8i8vjykixiqz8sx6tl4v7x67szwz4rklhz74v6voh84yo8995hzliq88pyp9r55ruk46ywitxp7hsw5z969mlkizmt9w76ukvhvhijtswpw9yitllqwsomr6ywj9m7xyrhvu97tu87ojzon9wmj67rhvpvwy8xnhnzr8l8r449ri54isw6mr96zy6yzuink5qw979vs6oq5x4pxwqz7rjii55m5okmhri9pmlvwlw5u58lvimksmriri9qyjnuo4wk86ljwz979zl9lluotqtl6nhmpkktkurou75z8mwl5y7zt5wq6vtmq9zzi477v86tjxvr974i8jh9sy8qwylqwp74qul6qhpz7upv4558xuhtyi7onyxljkpmmio9jop8tlyhlviiq46xw497s54yi76yyl9nijp7ynv77t5t7zjiutyikozouxr6n8t9pn5oxzu6ottrot44qstpwyr5qn5muryh6qo4zwy7xnvz8mtp8tiprvkrljjkw87uoys7xlxr88tprpqx5n6vq444polix9hkkj5hpytn8uyhxpi9p6wrunz69wjjojs5vjhuh59ylvzr59yhwm7jpi9ljr7sojl9w74xojnnhpmlqih8v6s6rt8tq4vm47wsjpzu6sjjvyw5juom8895z9wjqsonlw6sw8yn76zwzlwy9xn4kom8tiwxqzlskrpwt6pzzt9xn96kqyn9rr8lns7mrzrwvzm977u69wltthhp7kku5s9pzjkmqjjqzjj8zvirxyk44z4tpvlwmmkkh9qu7lvpmnhry94i6qpxjp8v75q4jlpmtpqsr8h8yh4xp8wqlrwtnwlui5k88rsk4tnyijyxpssn66s7p4so6kqmsxqs6zroz94o77hyry5qp6m9qt6nn8pqjvxk5umixsk4wqnoyilqwx99y6plx77xp98lt75y8zlh5j6w9jnmnzxh5n8i7rhx ys5jrworq5kq ys5jrworq5kq

Not Before

03/12/2012, 15:08

Not After

31/12/2039, 23:59

Subject

CN=rzvsqzsjsrmx4sl5pxp5zwk8mzotsrkwj6yntx59o4v5hlopyvrqx6rzoornilqoxk9rjyqjzphjuwv7yt49wy69h8t47j9qoinxjo4758iqnprsui7xyj8v8nivuxz7nrtp55nzv5o8sz6kokn9rzztsh6z7lh7um6o9q4k8suw5hx8i8vjykixiqz8sx6tl4v7x67szwz4rklhz74v6voh84yo8995hzliq88pyp9r55ruk46ywitxp7hsw5z969mlkizmt9w76ukvhvhijtswpw9yitllqwsomr6ywj9m7xyrhvu97tu87ojzon9wmj67rhvpvwy8xnhnzr8l8r449ri54isw6mr96zy6yzuink5qw979vs6oq5x4pxwqz7rjii55m5okmhri9pmlvwlw5u58lvimksmriri9qyjnuo4wk86ljwz979zl9lluotqtl6nhmpkktkurou75z8mwl5y7zt5wq6vtmq9zzi477v86tjxvr974i8jh9sy8qwylqwp74qul6qhpz7upv4558xuhtyi7onyxljkpmmio9jop8tlyhlviiq46xw497s54yi76yyl9nijp7ynv77t5t7zjiutyikozouxr6n8t9pn5oxzu6ottrot44qstpwyr5qn5muryh6qo4zwy7xnvz8mtp8tiprvkrljjkw87uoys7xlxr88tprpqx5n6vq444polix9hkkj5hpytn8uyhxpi9p6wrunz69wjjojs5vjhuh59ylvzr59yhwm7jpi9ljr7sojl9w74xojnnhpmlqih8v6s6rt8tq4vm47wsjpzu6sjjvyw5juom8895z9wjqsonlw6sw8yn76zwzlwy9xn4kom8tiwxqzlskrpwt6pzzt9xn96kqyn9rr8lns7mrzrwvzm977u69wltthhp7kku5s9pzjkmqjjqzjj8zvirxyk44z4tpvlwmmkkh9qu7lvpmnhry94i6qpxjp8v75q4jlpmtpqsr8h8yh4xp8wqlrwtnwlui5k88rsk4tnyijyxpssn66s7p4so6kqmsxqs6zroz94o77hyry5qp6m9qt6nn8pqjvxk5umixsk4wqnoyilqwx99y6plx77xp98lt75y8zlh5j6w9jnmnzxh5n8i7rhx ys5jrworq5kq ys5jrworq5kq

Extended Key Usages

ExtKeyUsageCodeSigning

ab:9c:bf:2e:f5:79:e0:ee:ed:3b:71:b8:b3:35:0c:61:6c:e3:99:02
Signer

Actual PE Digest

ab:9c:bf:2e:f5:79:e0:ee:ed:3b:71:b8:b3:35:0c:61:6c:e3:99:02

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=rzvsqzsjsrmx4sl5pxp5zwk8mzotsrkwj6yntx59o4v5hlopyvrqx6rzoornilqoxk9rjyqjzphjuwv7yt49wy69h8t47j9qoinxjo4758iqnprsui7xyj8v8nivuxz7nrtp55nzv5o8sz6kokn9rzztsh6z7lh7um6o9q4k8suw5hx8i8vjykixiqz8sx6tl4v7x67szwz4rklhz74v6voh84yo8995hzliq88pyp9r55ruk46ywitxp7hsw5z969mlkizmt9w76ukvhvhijtswpw9yitllqwsomr6ywj9m7xyrhvu97tu87ojzon9wmj67rhvpvwy8xnhnzr8l8r449ri54isw6mr96zy6yzuink5qw979vs6oq5x4pxwqz7rjii55m5okmhri9pmlvwlw5u58lvimksmriri9qyjnuo4wk86ljwz979zl9lluotqtl6nhmpkktkurou75z8mwl5y7zt5wq6vtmq9zzi477v86tjxvr974i8jh9sy8qwylqwp74qul6qhpz7upv4558xuhtyi7onyxljkpmmio9jop8tlyhlviiq46xw497s54yi76yyl9nijp7ynv77t5t7zjiutyikozouxr6n8t9pn5oxzu6ottrot44qstpwyr5qn5muryh6qo4zwy7xnvz8mtp8tiprvkrljjkw87uoys7xlxr88tprpqx5n6vq444polix9hkkj5hpytn8uyhxpi9p6wrunz69wjjojs5vjhuh59ylvzr59yhwm7jpi9ljr7sojl9w74xojnnhpmlqih8v6s6rt8tq4vm47wsjpzu6sjjvyw5juom8895z9wjqsonlw6sw8yn76zwzlwy9xn4kom8tiwxqzlskrpwt6pzzt9xn96kqyn9rr8lns7mrzrwvzm977u69wltthhp7kku5s9pzjkmqjjqzjj8zvirxyk44z4tpvlwmmkkh9qu7lvpmnhry94i6qpxjp8v75q4jlpmtpqsr8h8yh4xp8wqlrwtnwlui5k88rsk4tnyijyxpssn66s7p4so6kqmsxqs6zroz94o77hyry5qp6m9qt6nn8pqjvxk5umixsk4wqnoyilqwx99y6plx77xp98lt75y8zlh5j6w9jnmnzxh5n8i7rhx ys5jrworq5kq ys5jrworq5kq

24/11/2022, 14:54
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
ExitProcess
CreateFileW
ReadFile
VirtualAlloc
GetVersionExA
UnhandledExceptionFilter
CloseHandle
ReleaseMutex
GetFileAttributesA
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenW
WaitForSingleObject
CreateMutexA
GetModuleHandleA
GetStartupInfoA
SetErrorMode
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
lstrcpynA
SetUnhandledExceptionFilter
lstrlenA
GetEnvironmentVariableA
GetModuleFileNameA
lstrcpyW
SetCurrentDirectoryW
GetFullPathNameW
HeapFree
HeapAlloc
GetProcessHeap
lstrcatW
GetSystemDirectoryW
GetFileAttributesW
GetSystemInfo
GetVersionExW
GetCurrentDirectoryW
lstrcmpW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
GetDateFormatW
CompareStringW
CompareFileTime
SystemTimeToFileTime
DeleteFileW
LocalFree
FormatMessageW
WriteFile
GetTimeFormatW
GetFileSize
SetEndOfFile
SetFilePointer
MulDiv
CreateThread
FlushFileBuffers
FindClose
FindNextFileW
GetShortPathNameW
FindFirstFileW

user32

GetWindowThreadProcessId
SetForegroundWindow
SendMessageTimeoutA
LoadStringA
MessageBoxA
SetFocus
CreateWindowExW
MoveWindow
GetClientRect
GetWindowRect
wsprintfW
GetDlgItem
EndDialog
DestroyWindow
SetWindowLongW
EndPaint
GetSysColor
GetParent
BeginPaint
GetWindowLongW
DefWindowProcW
RegisterClassW
LoadCursorW
LoadStringW
MessageBoxW
PostMessageW
ShowWindow
WinHelpW
ChildWindowFromPoint
ScreenToClient
DestroyIcon
DialogBoxParamW
LoadIconW
FindWindowW
CharUpperBuffW
CharLowerBuffW
IsDlgButtonChecked
GetDlgItemTextW
CheckRadioButton
InvalidateRect
SetDlgItemTextW
EnableWindow
SendMessageW
SetClassLongW
CheckDlgButton

gdi32

GetStockObject
SetTextAlign
SelectObject
SetTextColor
SetBkColor
GetTextExtentPoint32W
ExtTextOutW

msvcrt

memcpy
_vsnprintf
_XcptFilter
_exit
_cexit
wcsstr
_wcsnicmp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_c_exit
_wcsicmp
wcschr
_mbsrchr
_mbslen
__lconv_init
setlocale
_mbsinc
_strnicmp
_stricmp
strtoul
_ftol
strncpy
strchr
strrchr
_mbschr
isleadbyte
memmove
towlower
atoi
isspace
free
wcsncpy
strncmp

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shlwapi

SHGetValueA
StrCmpIW
SHSetValueA
StrStrIA
PathRemoveFileSpecA

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aba3d42531a2a732fc90b309c6cd5706

Code Sign

48:a8:43:d4:ca:72:fa:88:4a:e0:47:5b:2b:d2:d3:42Certificate

Extended Key Usages

ab:9c:bf:2e:f5:79:e0:ee:ed:3b:71:b8:b3:35:0c:61:6c:e3:99:02Signer

Signature Validations

Verification

24/11/2022, 14:54 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shlwapi

Sections

.text Size: 22KB - Virtual size: 21KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 904B

48:a8:43:d4:ca:72:fa:88:4a:e0:47:5b:2b:d2:d3:42
Certificate

ab:9c:bf:2e:f5:79:e0:ee:ed:3b:71:b8:b3:35:0c:61:6c:e3:99:02
Signer

24/11/2022, 14:54
Valid: false

.text
Size: 22KB - Virtual size: 21KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 904B