6edb2b15e9cdfc260b36b1c2a265e0cc28692b8742ef83884fef18b9322a5ad5

Sharing

Copy URL

Twitter E-mail

General

Target

6edb2b15e9cdfc260b36b1c2a265e0cc28692b8742ef83884fef18b9322a5ad5
Size

279KB
MD5

0c34bbc566fcd793c1cebba8aa559fa5
SHA1

39df8d92beb7ba5c0f2193abce8b42ffec011833
SHA256

6edb2b15e9cdfc260b36b1c2a265e0cc28692b8742ef83884fef18b9322a5ad5
SHA512

a794a394148a3b166b77fdb74e3332618e64419eddf0f262bfea343d5bea62bbd48a4d629bfe3b63652c6406feab32807b45ee4d2a1128257ab5df9c2a04523d
SSDEEP

6144:WjS8wYB9elMnZmYz6Rtliv5e7yTMKSK+27Rq7c+hYz:q1yRtgv5e7Z/K+2d+hE

Score

N/A

Malware Config

Signatures

Files

6edb2b15e9cdfc260b36b1c2a265e0cc28692b8742ef83884fef18b9322a5ad5
.exe windows x86

58404305f69b721d3a3ae712ac9e2799

Code Sign

2d:99:90:90:a6:e5:ca:65:bc:fa:59:1d:b2:89:8e:7c
Certificate

Issuer

CN=bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb vz1r4nmH86jpHcrKCAHmyhxdDJ7rhGbi8hF1lnh2sgHM43JqzbH3lrjJFx9vnjMGe4BDHq5v5qrB6qqA74 q1e67gI5yADqdfF3zAeHgLHFntpD8dbD7pJsGeajtibfCbhA3vaEjEB849no4zn7lFj4hgIs15dfLgdHsJrMo2jvxDEqa yLiFbjjzLoHxG 9zuBF6f1fs Bdpmkyli3mvr66xGiG4hablooyufspvhyhp9C64cy8fFhlfzwzmv9cmf3qvIL7D26Kkd4bjhHlEM29tj9rdagIv1FHsGyHvprnHbGpqDclIaqFns6veJrB2ywlkhBEjcJw4dukm4wyeL6w2FhsEddCmmaLv8mnG FrauDsdtAuz7otL9oogd4kgpikHgeefz9sjei3Dr9G 9 zhmmEmqLp6xE7Dbdj1Jnv5Jr3uJmo9xc 5hsjIcCrlEMyG66w5AzLkyFi Dy7CfdLFqjejlt7h8EwfMHFBazMliBkya9wB3ijiLrC35B45A8CbJ3rndyMteI2tEm9C3xuGz8dLByzBHanzdfMszGcCk eLC Lx597dCik8LHE2pymEC3Chni9KlrB8BFpCanMHBKfvsGaL1I38n8F7yhfC61yIGxtgCkxmCnfrEbyDpk5hxElE77H4A8pKy8qoClnew6gLa5EC81pBhagwy jh3HkMr5Dy8 yh864js1z3LfetDL8pc1A2MGmfu6crF7ri3byshsg CtJt bed5uDt3b1pImCHxCd95 pmrpn7aKpyMk4lBGe2Bthyrgpy2sGpzCfaCl3AEzqCyhwos1KwA8mz4cucEvbspvuiL7 n9M1EGkL53liEvmbb9avBE6Hkmfq pDstqub2zpvxEJgF6f8 dhlnHnBdIoybKymjBavq8gmcE AdFJudq l7docdi9dGBkg7ofKHpKCu1Isytc22viqsoofmgkAuxgC8xmktj8v3nIcyqusy4gbni4v2kD9n2dccjfzuHK9v3pjH29lhqoo4jevFg7AunxAw2z3K MbCoHGG jw7t57d1r6GEefo7xC1aw8pCAJqyy3alFwfFgiBm73o43672FcDmd9raBL 5kwrqm7xdevgeIC8KC8B2cy7n6Jlbn9vqmdpa8z46F2f44H19welcgevp7n3qiAK5M3 cd2oxKjMiMxkM2odjHGtK9irhLA28K6CMLmlCdzwJKlbhkk9K9E7M21MxGq1cCxhi5iabdl6AKDhH6qab5cn1gGoh nb2sEH JIgJK4dqkK8fp7kLs5ia1hy cldm8Jt2vdM2Gt6i3s6dA9Kcr9mcLKl3Mb51H43qpoIjfI yyILm91pq2vm5FqzFsu3bnj71wmfvjMcshpvxdBA88aGK HEv8l87ozqtr8 i a 3qvCCGyfAe772oBMebr674a7KjpA2xFr xj71pt9JA6gmu5lnk6azK3hMCHibuKFkAv5rA8kvqk6ff7nn8apMo76g5mCn5n4hHfdi8b lgAyw24gf1vKh8nw Ejtqqqs1pksiC9 eh1JLe9o6yHjotIoJl54wLgqcg DFHyf2LMa1iB6wbsneD5n7mtalfkeld6yJK9kKIyCtxewMiKpuyMG7awdxw84p1d2wgj rG1ibC2ws78pvigbumChqIinu2dKB9qC9w2Mhc193G8l588cjvp2kwDIrHD1wfbJ4JeLGtJ9qEeH9dE9c4gwBqn9BFsgtL c2i5Axektimdc 1meEylLaGDocyMvAbszBBBH31rdtwEpMsjChzAch3f8uxGbMlyemIeFeqFwey3ocfv9v9A6AexoEhmuD5fIDymKhk 8eM5uDtmkFAt14l LbyvckvDyMbHzmd4odnjctbyeqaHxDaiJ2i9jzc6Hi 7eK1lvq8xmL1y8zud y9FAwugobmtytvz9cjFtCtGdrkMsJkFca9B8pJKrcE aaaaaaaaaaaaaaaaaaaaaaa

Not Before

09-01-2013 06:29

Not After

31-12-2039 23:59

Subject

CN=bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb vz1r4nmH86jpHcrKCAHmyhxdDJ7rhGbi8hF1lnh2sgHM43JqzbH3lrjJFx9vnjMGe4BDHq5v5qrB6qqA74 q1e67gI5yADqdfF3zAeHgLHFntpD8dbD7pJsGeajtibfCbhA3vaEjEB849no4zn7lFj4hgIs15dfLgdHsJrMo2jvxDEqa yLiFbjjzLoHxG 9zuBF6f1fs Bdpmkyli3mvr66xGiG4hablooyufspvhyhp9C64cy8fFhlfzwzmv9cmf3qvIL7D26Kkd4bjhHlEM29tj9rdagIv1FHsGyHvprnHbGpqDclIaqFns6veJrB2ywlkhBEjcJw4dukm4wyeL6w2FhsEddCmmaLv8mnG FrauDsdtAuz7otL9oogd4kgpikHgeefz9sjei3Dr9G 9 zhmmEmqLp6xE7Dbdj1Jnv5Jr3uJmo9xc 5hsjIcCrlEMyG66w5AzLkyFi Dy7CfdLFqjejlt7h8EwfMHFBazMliBkya9wB3ijiLrC35B45A8CbJ3rndyMteI2tEm9C3xuGz8dLByzBHanzdfMszGcCk eLC Lx597dCik8LHE2pymEC3Chni9KlrB8BFpCanMHBKfvsGaL1I38n8F7yhfC61yIGxtgCkxmCnfrEbyDpk5hxElE77H4A8pKy8qoClnew6gLa5EC81pBhagwy jh3HkMr5Dy8 yh864js1z3LfetDL8pc1A2MGmfu6crF7ri3byshsg CtJt bed5uDt3b1pImCHxCd95 pmrpn7aKpyMk4lBGe2Bthyrgpy2sGpzCfaCl3AEzqCyhwos1KwA8mz4cucEvbspvuiL7 n9M1EGkL53liEvmbb9avBE6Hkmfq pDstqub2zpvxEJgF6f8 dhlnHnBdIoybKymjBavq8gmcE AdFJudq l7docdi9dGBkg7ofKHpKCu1Isytc22viqsoofmgkAuxgC8xmktj8v3nIcyqusy4gbni4v2kD9n2dccjfzuHK9v3pjH29lhqoo4jevFg7AunxAw2z3K MbCoHGG jw7t57d1r6GEefo7xC1aw8pCAJqyy3alFwfFgiBm73o43672FcDmd9raBL 5kwrqm7xdevgeIC8KC8B2cy7n6Jlbn9vqmdpa8z46F2f44H19welcgevp7n3qiAK5M3 cd2oxKjMiMxkM2odjHGtK9irhLA28K6CMLmlCdzwJKlbhkk9K9E7M21MxGq1cCxhi5iabdl6AKDhH6qab5cn1gGoh nb2sEH JIgJK4dqkK8fp7kLs5ia1hy cldm8Jt2vdM2Gt6i3s6dA9Kcr9mcLKl3Mb51H43qpoIjfI yyILm91pq2vm5FqzFsu3bnj71wmfvjMcshpvxdBA88aGK HEv8l87ozqtr8 i a 3qvCCGyfAe772oBMebr674a7KjpA2xFr xj71pt9JA6gmu5lnk6azK3hMCHibuKFkAv5rA8kvqk6ff7nn8apMo76g5mCn5n4hHfdi8b lgAyw24gf1vKh8nw Ejtqqqs1pksiC9 eh1JLe9o6yHjotIoJl54wLgqcg DFHyf2LMa1iB6wbsneD5n7mtalfkeld6yJK9kKIyCtxewMiKpuyMG7awdxw84p1d2wgj rG1ibC2ws78pvigbumChqIinu2dKB9qC9w2Mhc193G8l588cjvp2kwDIrHD1wfbJ4JeLGtJ9qEeH9dE9c4gwBqn9BFsgtL c2i5Axektimdc 1meEylLaGDocyMvAbszBBBH31rdtwEpMsjChzAch3f8uxGbMlyemIeFeqFwey3ocfv9v9A6AexoEhmuD5fIDymKhk 8eM5uDtmkFAt14l LbyvckvDyMbHzmd4odnjctbyeqaHxDaiJ2i9jzc6Hi 7eK1lvq8xmL1y8zud y9FAwugobmtytvz9cjFtCtGdrkMsJkFca9B8pJKrcE aaaaaaaaaaaaaaaaaaaaaaa

Extended Key Usages

ExtKeyUsageCodeSigning

12:02:8a:76:65:6d:23:76:ff:f8:41:b4:bb:73:79:45:01:61:9b:36
Signer

Actual PE Digest

12:02:8a:76:65:6d:23:76:ff:f8:41:b4:bb:73:79:45:01:61:9b:36

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb vz1r4nmH86jpHcrKCAHmyhxdDJ7rhGbi8hF1lnh2sgHM43JqzbH3lrjJFx9vnjMGe4BDHq5v5qrB6qqA74 q1e67gI5yADqdfF3zAeHgLHFntpD8dbD7pJsGeajtibfCbhA3vaEjEB849no4zn7lFj4hgIs15dfLgdHsJrMo2jvxDEqa yLiFbjjzLoHxG 9zuBF6f1fs Bdpmkyli3mvr66xGiG4hablooyufspvhyhp9C64cy8fFhlfzwzmv9cmf3qvIL7D26Kkd4bjhHlEM29tj9rdagIv1FHsGyHvprnHbGpqDclIaqFns6veJrB2ywlkhBEjcJw4dukm4wyeL6w2FhsEddCmmaLv8mnG FrauDsdtAuz7otL9oogd4kgpikHgeefz9sjei3Dr9G 9 zhmmEmqLp6xE7Dbdj1Jnv5Jr3uJmo9xc 5hsjIcCrlEMyG66w5AzLkyFi Dy7CfdLFqjejlt7h8EwfMHFBazMliBkya9wB3ijiLrC35B45A8CbJ3rndyMteI2tEm9C3xuGz8dLByzBHanzdfMszGcCk eLC Lx597dCik8LHE2pymEC3Chni9KlrB8BFpCanMHBKfvsGaL1I38n8F7yhfC61yIGxtgCkxmCnfrEbyDpk5hxElE77H4A8pKy8qoClnew6gLa5EC81pBhagwy jh3HkMr5Dy8 yh864js1z3LfetDL8pc1A2MGmfu6crF7ri3byshsg CtJt bed5uDt3b1pImCHxCd95 pmrpn7aKpyMk4lBGe2Bthyrgpy2sGpzCfaCl3AEzqCyhwos1KwA8mz4cucEvbspvuiL7 n9M1EGkL53liEvmbb9avBE6Hkmfq pDstqub2zpvxEJgF6f8 dhlnHnBdIoybKymjBavq8gmcE AdFJudq l7docdi9dGBkg7ofKHpKCu1Isytc22viqsoofmgkAuxgC8xmktj8v3nIcyqusy4gbni4v2kD9n2dccjfzuHK9v3pjH29lhqoo4jevFg7AunxAw2z3K MbCoHGG jw7t57d1r6GEefo7xC1aw8pCAJqyy3alFwfFgiBm73o43672FcDmd9raBL 5kwrqm7xdevgeIC8KC8B2cy7n6Jlbn9vqmdpa8z46F2f44H19welcgevp7n3qiAK5M3 cd2oxKjMiMxkM2odjHGtK9irhLA28K6CMLmlCdzwJKlbhkk9K9E7M21MxGq1cCxhi5iabdl6AKDhH6qab5cn1gGoh nb2sEH JIgJK4dqkK8fp7kLs5ia1hy cldm8Jt2vdM2Gt6i3s6dA9Kcr9mcLKl3Mb51H43qpoIjfI yyILm91pq2vm5FqzFsu3bnj71wmfvjMcshpvxdBA88aGK HEv8l87ozqtr8 i a 3qvCCGyfAe772oBMebr674a7KjpA2xFr xj71pt9JA6gmu5lnk6azK3hMCHibuKFkAv5rA8kvqk6ff7nn8apMo76g5mCn5n4hHfdi8b lgAyw24gf1vKh8nw Ejtqqqs1pksiC9 eh1JLe9o6yHjotIoJl54wLgqcg DFHyf2LMa1iB6wbsneD5n7mtalfkeld6yJK9kKIyCtxewMiKpuyMG7awdxw84p1d2wgj rG1ibC2ws78pvigbumChqIinu2dKB9qC9w2Mhc193G8l588cjvp2kwDIrHD1wfbJ4JeLGtJ9qEeH9dE9c4gwBqn9BFsgtL c2i5Axektimdc 1meEylLaGDocyMvAbszBBBH31rdtwEpMsjChzAch3f8uxGbMlyemIeFeqFwey3ocfv9v9A6AexoEhmuD5fIDymKhk 8eM5uDtmkFAt14l LbyvckvDyMbHzmd4odnjctbyeqaHxDaiJ2i9jzc6Hi 7eK1lvq8xmL1y8zud y9FAwugobmtytvz9cjFtCtGdrkMsJkFca9B8pJKrcE aaaaaaaaaaaaaaaaaaaaaaa

28-11-2022 11:52
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
ExitProcess

gdi32

GetStockObject

advapi32

GetTokenInformation
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegConnectRegistryW
RegCloseKey
RegOpenKeyExA
AdjustTokenPrivileges
LookupAccountSidW
LookupPrivilegeValueW
OpenProcessToken

msvcrt

memcpy
_XcptFilter
__CxxFrameHandler
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_iob
_wcsicmp
_wcsnicmp
_wgetcwd
_wtol
calloc
exit
fflush
fprintf
free
malloc
realloc
sprintf
strtok
wcschr
wcslen
wcsncmp
wcsncpy
wcsstr
wcstod
wcstok
wcstol

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58404305f69b721d3a3ae712ac9e2799

Code Sign

2d:99:90:90:a6:e5:ca:65:bc:fa:59:1d:b2:89:8e:7cCertificate

Extended Key Usages

12:02:8a:76:65:6d:23:76:ff:f8:41:b4:bb:73:79:45:01:61:9b:36Signer

Signature Validations

Verification

28-11-2022 11:52 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

msvcrt

Sections

.text Size: 8KB - Virtual size: 8KB

.text3 Size: 512B - Virtual size: 400B

.text2 Size: 4KB - Virtual size: 3KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 248KB - Virtual size: 248KB

.rsrc Size: 2KB - Virtual size: 2KB

2d:99:90:90:a6:e5:ca:65:bc:fa:59:1d:b2:89:8e:7c
Certificate

12:02:8a:76:65:6d:23:76:ff:f8:41:b4:bb:73:79:45:01:61:9b:36
Signer

28-11-2022 11:52
Valid: false

.text
Size: 8KB - Virtual size: 8KB

.text3
Size: 512B - Virtual size: 400B

.text2
Size: 4KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 248KB - Virtual size: 248KB

.rsrc
Size: 2KB - Virtual size: 2KB