89e49bcfff7b4fa7e283965356e99aa31c6e4d3624632cf26584a1d9e302314c

Sharing

Copy URL

Twitter E-mail

General

Target

89e49bcfff7b4fa7e283965356e99aa31c6e4d3624632cf26584a1d9e302314c
Size

53KB
MD5

30389a009602076491134ae8080311a7
SHA1

836d30144be56b6e5d06e4d079cfe660ce7b96c8
SHA256

89e49bcfff7b4fa7e283965356e99aa31c6e4d3624632cf26584a1d9e302314c
SHA512

c723c33d2d835b159b7285e611f69947ed46d6d6796380df8bf67c39f155e12c9098a168790674bf10f5cee12644b45496b39e80d0c6fd88cd9e4c82b697a6ba
SSDEEP

768:cSPAZN1mYr2j0pVo4z9Ge2bT20jpyKDxgssO+wcSDPnGMEa:cSoZNh2j0pld2bT2s0KDxOGDvlE

Score

N/A

Malware Config

Signatures

Files

89e49bcfff7b4fa7e283965356e99aa31c6e4d3624632cf26584a1d9e302314c
.dll windows x86

aed144a91278b2cf065ff10733cd03e2

Code Sign

51:23:09:d5:d0:a2:b9:8c:42:fb:c1:82:e7:8e:4e:92
Certificate

Issuer

CN=w466666345uy inc

Not Before

28/01/2012, 07:40

Not After

31/12/2039, 23:59

Subject

CN=w466666345uy inc

Extended Key Usages

ExtKeyUsageCodeSigning

a7:d7:ca:55:67:cf:fd:f5:aa:dc:33:29:ce:1a:b5:31:d9:f8:03:b9
Signer

Actual PE Digest

a7:d7:ca:55:67:cf:fd:f5:aa:dc:33:29:ce:1a:b5:31:d9:f8:03:b9

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=w466666345uy inc

28/11/2022, 11:52
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
LoadLibraryA
GetProcessHeap
GetProcAddress
GetSystemInfo
AddConsoleAliasA
BackupRead
BuildCommDCBAndTimeoutsW
CreateDirectoryA
CreateEventW
CreateJobObjectA
CreateRemoteThread
CreateWaitableTimerW
DebugBreak
DeleteTimerQueue
DeleteTimerQueueTimer
DosDateTimeToFileTime
EnumResourceLanguagesA
EnumResourceNamesA
EnumSystemCodePagesW
EnumTimeFormatsA
EnumTimeFormatsW
ExitProcess
ExitThread
FatalAppExitA
FileTimeToSystemTime
FindFirstFileW
FindFirstVolumeMountPointA
FindNextFileA
FindNextVolumeMountPointW
FindNextVolumeW
FlushViewOfFile
FoldStringW
GetCalendarInfoA
GetComputerNameW
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetEnvironmentStringsW
GetExitCodeProcess
GetFileAttributesExW
GetNumberOfConsoleInputEvents
GetPrivateProfileIntW
GetPrivateProfileSectionNamesA
GetProfileIntA
GetQueuedCompletionStatus
GetShortPathNameW
GetThreadSelectorEntry
lstrcatW
GetVolumeInformationW
GlobalFix
GlobalUnlock
HeapFree
InterlockedCompareExchange
IsBadStringPtrW
IsValidLanguageGroup
LCMapStringA
LocalFlags
LocalSize
MoveFileA
MoveFileW
OpenJobObjectA
Process32Next
ProcessIdToSessionId
QueryInformationJobObject
ReadConsoleInputW
ReadConsoleOutputAttribute
ReadFile
ReplaceFile
SetCalendarInfoA
SetCommBreak
SetCommState
SetConsoleCursor
SetEvent
SetMailslotInfo
SetProcessAffinityMask
SetVolumeLabelA
SetVolumeLabelW
SuspendThread
TerminateJobObject
TerminateThread
TransactNamedPipe
TryEnterCriticalSection
UnlockFileEx
VerSetConditionMask
VirtualFreeEx
WaitForMultipleObjectsEx
WaitForSingleObject
WaitNamedPipeA
WriteConsoleW
WriteProcessMemory
_hwrite
_llseek
_lwrite
lstrcat
lstrcatA
lstrcmpi
GetVersion
CreateFileW

user32

DlgDirSelectComboBoxExW
DrawTextW
EndDialog
EnumDisplaySettingsA
EnumWindowStationsA
MapVirtualKeyExA
SetWindowPlacement
SwapMouseButton
DdeInitializeW
CallWindowProcA

advapi32

RegOpenKeyExW

ole32

CoCreateInstance
CoCreateObjectInContext
CoFreeUnusedLibraries
CoGetPSClsid
CoGetStdMarshalEx
CoGetTreatAsClass
CoMarshalHresult
CoQueryClientBlanket
CoQueryReleaseObject
CoWaitForMultipleHandles
CreateDataAdviseHolder
CreateFileMoniker
DcomChannelSetHResult
DllGetClassObjectWOW
GetClassFile
GetHGlobalFromStream
GetRunningObjectTable
HACCEL_UserUnmarshal
HBRUSH_UserSize
HBRUSH_UserUnmarshal
HGLOBAL_UserMarshal
HGLOBAL_UserSize
HMENU_UserUnmarshal
HMETAFILE_UserFree
HMETAFILE_UserUnmarshal
CLIPFORMAT_UserMarshal
HWND_UserFree
HWND_UserSize
IIDFromString
IsAccelerator
MonikerCommonPrefixWith
OleConvertIStorageToOLESTREAMEx
OleConvertOLESTREAMToIStorage
OleCreateDefaultHandler
OleCreateEx
OleCreateLinkToFileEx
OleDraw
OleFlushClipboard
OleGetAutoConvert
OleGetIconOfClass
OleInitializeWOW
OleLoad
OleLoadFromStream
OleLockRunning
OleRegEnumFormatEtc
OleRegGetMiscStatus
OleSetClipboard
OleTranslateAccelerator
ProgIDFromCLSID
PropVariantCopy
ReadClassStg
STGMEDIUM_UserFree
STGMEDIUM_UserUnmarshal
StgOpenPropStg
StgOpenStorage
StgPropertyLengthAsVariant
StringFromIID
UtConvertDvtd32toDvtd16
WriteClassStm
WriteFmtUserTypeStg
CLIPFORMAT_UserFree
HPALETTE_UserFree

msvcrt

memset

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aed144a91278b2cf065ff10733cd03e2

Code Sign

51:23:09:d5:d0:a2:b9:8c:42:fb:c1:82:e7:8e:4e:92Certificate

Extended Key Usages

a7:d7:ca:55:67:cf:fd:f5:aa:dc:33:29:ce:1a:b5:31:d9:f8:03:b9Signer

Signature Validations

Verification

28/11/2022, 11:52 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 452B

.text2 Size: 1024B - Virtual size: 712B

.text2 Size: 21KB - Virtual size: 20KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 1KB - Virtual size: 1KB

51:23:09:d5:d0:a2:b9:8c:42:fb:c1:82:e7:8e:4e:92
Certificate

a7:d7:ca:55:67:cf:fd:f5:aa:dc:33:29:ce:1a:b5:31:d9:f8:03:b9
Signer

28/11/2022, 11:52
Valid: false

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 452B

.text2
Size: 1024B - Virtual size: 712B

.text2
Size: 21KB - Virtual size: 20KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 1KB - Virtual size: 1KB