1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe | Triage

Submit
Reports

Overview

overview

Static

static

1e99e3ef60...fe.exe

windows7-x64

1e99e3ef60...fe.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe.exe

Resource

win7-20220812-en

formbook r16 rat spyware stealer trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe.exe

Resource

win10v2004-20221111-en

formbook r16 rat spyware stealer trojan

windows10-2004-x64

6 signatures

150 seconds

General

Target

1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe
Size

526KB
MD5

53b73e4b80ef2f787b81ef94a9e8a0a9
SHA1

59a4562f2eba9df1e56541fe4f0240e77a8f57ce
SHA256

1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe
SHA512

6afb8a02eaf4f1d52ae63c0a766ad6c7799014aa78c2292ef965978410d6b211ef4abe69dfaa72d2d2d990d7162770996ea3f29540a92b3b29b73887bc9d3b1e
SSDEEP

12288:XCT/rgEZ+h8gzlj4kayHe5uvPBD0j1XFumjhUErq1/Uo2IOpgE/oRegM:g/rgZhflj4jy/vPij1XFu4iEm1/UvIOb

Score

N/A

Malware Config

Signatures

Files

1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe
.exe windows x86

9f6213f0d176c502d651a14e9a51f926

Code Sign

01
Certificate

Issuer

CN=Emploa cards checker,O=Drafter cards,C=CE

Not Before

16-01-2019 08:54

Not After

15-01-2022 08:54

Subject

CN=Emploa cards checker,O=Drafter cards,C=CE

37:00:28:b9:ae:ba:04:c5:00:28:fd:8c:5a:e0:91:77:48:14:f0:72:49:ed:a2:05:c4:8d:af:12:d5:5c:9b:14
Signer

Actual PE Digest

37:00:28:b9:ae:ba:04:c5:00:28:fd:8c:5a:e0:91:77:48:14:f0:72:49:ed:a2:05:c4:8d:af:12:d5:5c:9b:14

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Emploa cards checker,O=Drafter cards,C=CE

28-11-2022 11:52
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord586
ord698
MethCallEngine
ord517
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord671
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord609
ProcCallEngine
ord646
ord685
ord100
ord616
ord618
ord650

Sections

.text
Size: 504KB - Virtual size: 502KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy