General

Malware Config

Signatures

Files

• 2497c8d6afda40002e0c177faa936b73c5ebf2c6e4f4bac482f67a7946e6218a

  .exe windows x86

  865328ec6e8c931f31b423bc1dffe934

  
  

  Code Sign

  39:39:a5:9b:f5:ee:04:b3:47:74:47:3c:47:bc:a7:eb

  Certificate

  Issuer

  CN=valuable В©inc.

  Not Before

  26-11-2022 10:26

  Not After

  26-11-2023 10:46

  Subject

  CN=valuable В©inc.

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-05-2019 00:00

  Not After

  18-01-2038 23:59

  Subject

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43

  Certificate

  Issuer

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  11-05-2022 00:00

  Not After

  10-08-2033 23:59

  Subject

  CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  84:a5:ee:a5:f9:cf:b1:7c:52:9b:37:96:9c:9d:de:ba:55:37:15:a5:fd:36:d6:69:15:8c:f5:dd:97:c9:aa:e5

  Signer

  Actual PE Digest

  84:a5:ee:a5:f9:cf:b1:7c:52:9b:37:96:9c:9d:de:ba:55:37:15:a5:fd:36:d6:69:15:8c:f5:dd:97:c9:aa:e5

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=valuable В©inc.

  24-11-2022 14:54

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  VirtualQuery

  HeapAlloc

  InterlockedIncrement

  GetCurrentProcess

  HeapFree

  GetProcessHeap

  WriteFile

  Sleep

  GetProcessHandleCount

  HeapCreate

  CreateFileW

  GetCurrentDirectoryW

  CloseHandle

  GetCurrentProcessId

  LCMapStringW

  LCMapStringA

  GetStartupInfoW

  TerminateProcess

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  GetModuleHandleW

  GetProcAddress

  ExitProcess

  GetStdHandle

  GetModuleFileNameA

  GetModuleFileNameW

  FreeEnvironmentStringsW

  GetEnvironmentStringsW

  GetCommandLineW

  SetHandleCount

  GetFileType

  GetStartupInfoA

  DeleteCriticalSection

  TlsGetValue

  TlsAlloc

  TlsSetValue

  TlsFree

  SetLastError

  GetCurrentThreadId

  GetLastError

  InterlockedDecrement

  VirtualFree

  QueryPerformanceCounter

  GetTickCount

  GetSystemTimeAsFileTime

  LeaveCriticalSection

  EnterCriticalSection

  LoadLibraryA

  InitializeCriticalSectionAndSpinCount

  GetCPInfo

  GetACP

  GetOEMCP

  IsValidCodePage

  VirtualAlloc

  HeapReAlloc

  RtlUnwind

  HeapSize

  GetLocaleInfoA

  WideCharToMultiByte

  GetStringTypeA

  MultiByteToWideChar

  GetStringTypeW

  user32

  MessageBoxW

  ole32

  CoGetCurrentProcess

  CoInitialize

  Sections

  .text

  Size: 1.0MB - Virtual size: 1.0MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 9KB - Virtual size: 8KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 3KB - Virtual size: 6KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 16KB - Virtual size: 15KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 7KB - Virtual size: 7KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ