Static task: static1
Behavioral task: behavioral1
Sample: 1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe.exe
Resource: win7-20220812-en
General
Target: 1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe
Size: 526KB
MD5: 53b73e4b80ef2f787b81ef94a9e8a0a9
SHA1: 59a4562f2eba9df1e56541fe4f0240e77a8f57ce
SHA256: 1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe
SHA512: 6afb8a02eaf4f1d52ae63c0a766ad6c7799014aa78c2292ef965978410d6b211ef4abe69dfaa72d2d2d990d7162770996ea3f29540a92b3b29b73887bc9d3b1e
SSDEEP: 12288:XCT/rgEZ+h8gzlj4kayHe5uvPBD0j1XFumjhUErq1/Uo2IOpgE/oRegM:g/rgZhflj4jy/vPij1XFu4iEm1/UvIOb
Malware Config
Signatures
Files
1e99e3ef6027ed7a0f49f67796042a0ff2b303c120bf8720901387d9a71542fe.exe windows x86
9f6213f0d176c502d651a14e9a51f926
Code Sign
01 Certificate
Issuer: CN=Emploa cards checker,O=Drafter cards,C=CE
Not Before: 16-01-2019 08:54
Not After: 15-01-2022 08:54
Subject: CN=Emploa cards checker,O=Drafter cards,C=CE
37:00:28:b9:ae:ba:04:c5:00:28:fd:8c:5a:e0:91:77:48:14:f0:72:49:ed:a2:05:c4:8d:af:12:d5:5c:9b:14
Signer
Actual PE Digest: 37:00:28:b9:ae:ba:04:c5:00:28:fd:8c:5a:e0:91:77:48:14:f0:72:49:ed:a2:05:c4:8d:af:12:d5:5c:9b:14
Digest Algorithm: sha256
PE Digest Matches: true
Signature Validations
Trusted: false
Verification
Signing Certificate: CN=Emploa cards checker,O=Drafter cards,C=CE 28-11-2022 11:52 Valid: false
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord586
ord698
MethCallEngine
ord517
ord526
EVENT_SINK_AddRef
DllFunctionCall
ord671
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord609
ProcCallEngine
ord646
ord685
ord100
ord616
ord618
ord650
Sections
.text Size: 504KB - Virtual size: 502KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ