5d68b6338539ac3cfd3fd871b22847c4a221a9d830ca00d67bba6d7e065f025d

Sharing

Copy URL Twitter E-mail

General

Target

5d68b6338539ac3cfd3fd871b22847c4a221a9d830ca00d67bba6d7e065f025d
Size

325KB
MD5

ed75ebd5d91473d082dfaead8b69a2d2
SHA1

b2bd7534e0fb7fd5c5375d4291d42f3343a3f7d5
SHA256

5d68b6338539ac3cfd3fd871b22847c4a221a9d830ca00d67bba6d7e065f025d
SHA512

dda9fb444d34011b0ff6108a30d6bb055b6fc53dda74b5a2419eeaeb3d133d3a42d228fb61cce1dd560d70001757455bbe5193bbebc13246bd1778412c6b9907
SSDEEP

6144:1e3NlYQGajjevClrRM2k1Pt+LCJ8kOp4x1mMwO9eGGxMbaCw3ovUXF:83XtRjj8E+2kT+LBXpDMjefxOaCw3oGF

Score

N/A

Malware Config

Signatures

Files

5d68b6338539ac3cfd3fd871b22847c4a221a9d830ca00d67bba6d7e065f025d
.exe windows x86

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

Issuer

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Not Before

23/01/2013, 18:13

Not After

31/12/2039, 23:59

Subject

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Extended Key Usages

ExtKeyUsageCodeSigning

7c:ea:5e:a8:c7:70:ad:21:f6:95:69:65:44:c2:96:91:68:20:5e:fb
Signer

Actual PE Digest

7c:ea:5e:a8:c7:70:ad:21:f6:95:69:65:44:c2:96:91:68:20:5e:fb

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryExA

user32

PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
GetClientRect

gdi32

DeleteEnhMetaFile
CloseEnhMetaFile
LineTo
CreateEnhMetaFileA
Rectangle
MoveToEx
PlayEnhMetaFile

Sections

.text
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6Certificate

Extended Key Usages

7c:ea:5e:a8:c7:70:ad:21:f6:95:69:65:44:c2:96:91:68:20:5e:fbSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 315KB - Virtual size: 314KB

.data Size: 1KB - Virtual size: 1KB

.rdata2 Size: 512B - Virtual size: 100B

.rsrc Size: 2KB - Virtual size: 2KB

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

7c:ea:5e:a8:c7:70:ad:21:f6:95:69:65:44:c2:96:91:68:20:5e:fb
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 315KB - Virtual size: 314KB

.data
Size: 1KB - Virtual size: 1KB

.rdata2
Size: 512B - Virtual size: 100B

.rsrc
Size: 2KB - Virtual size: 2KB