6f569e9d2fd013d0e87fc3a1a6b3da50b64f6983e1a9446b92e43dbf541bf778

Sharing

Copy URL Twitter E-mail

General

Target

6f569e9d2fd013d0e87fc3a1a6b3da50b64f6983e1a9446b92e43dbf541bf778
Size

6.2MB
MD5

d85f5e7893c37ff9874833cc6fb5802e
SHA1

24dfca8d70e51de77a27a310b42dbe2072479149
SHA256

6f569e9d2fd013d0e87fc3a1a6b3da50b64f6983e1a9446b92e43dbf541bf778
SHA512

101ec728731c6401a57605e1d87cbe91ca7a539ae21ec2b271a4a17a38f692d2b07563bfb72079081aac4ceb15978ce72de11fcc6a3c0598cef9a4712309e55d
SSDEEP

196608:+uU0CuZHlIuluz5KA5W7/ZTtc+AlufFd:+IrZHvluz0A5MBBcluT

Score

N/A

Malware Config

Signatures

Files

6f569e9d2fd013d0e87fc3a1a6b3da50b64f6983e1a9446b92e43dbf541bf778
.exe windows x86

f20145218f8ed6aecc62233c748b3dfb

Code Sign

66:6f:df:6b:5a:1f:db:bc:4d:0f:4d:c2:0c:0f:e0:c8
Certificate

Issuer

CN=Colorful iGame Z390-X RNG Edition V25

Not Before

28/11/2022, 13:27

Not After

29/11/2032, 13:27

Subject

CN=Colorful iGame Z390-X RNG Edition V25

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

13:ab:db:94:e3:b7:29:20:cc:e0:de:b7:e0:19:61:46:b7:e0:76:4b:6c:f9:52:a0:83:0b:47:ba:2e:58:31:cf
Signer

Actual PE Digest

13:ab:db:94:e3:b7:29:20:cc:e0:de:b7:e0:19:61:46:b7:e0:76:4b:6c:f9:52:a0:83:0b:47:ba:2e:58:31:cf

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Colorful iGame Z390-X RNG Edition V25

28/11/2022, 11:52
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 988B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

././././
Size: - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.symtab
Size: - Virtual size: 4B

IMAGE_SCN_MEM_READ

././././
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

././././
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

././././
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f20145218f8ed6aecc62233c748b3dfb

Code Sign

66:6f:df:6b:5a:1f:db:bc:4d:0f:4d:c2:0c:0f:e0:c8Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

13:ab:db:94:e3:b7:29:20:cc:e0:de:b7:e0:19:61:46:b7:e0:76:4b:6c:f9:52:a0:83:0b:47:ba:2e:58:31:cfSigner

Signature Validations

Verification

28/11/2022, 11:52 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: - Virtual size: 2.3MB

.rdata Size: - Virtual size: 2.0MB

.data Size: - Virtual size: 401KB

.idata Size: - Virtual size: 988B

././././ Size: - Virtual size: 93KB

.symtab Size: - Virtual size: 4B

././././ Size: - Virtual size: 2.5MB

././././ Size: 1024B - Virtual size: 1000B

././././ Size: 6.0MB - Virtual size: 6.0MB

.reloc Size: 2KB - Virtual size: 1KB

.rsrc Size: 168KB - Virtual size: 168KB

66:6f:df:6b:5a:1f:db:bc:4d:0f:4d:c2:0c:0f:e0:c8
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

13:ab:db:94:e3:b7:29:20:cc:e0:de:b7:e0:19:61:46:b7:e0:76:4b:6c:f9:52:a0:83:0b:47:ba:2e:58:31:cf
Signer

28/11/2022, 11:52
Valid: false

.text
Size: - Virtual size: 2.3MB

.rdata
Size: - Virtual size: 2.0MB

.data
Size: - Virtual size: 401KB

.idata
Size: - Virtual size: 988B

././././
Size: - Virtual size: 93KB

.symtab
Size: - Virtual size: 4B

././././
Size: - Virtual size: 2.5MB

././././
Size: 1024B - Virtual size: 1000B

././././
Size: 6.0MB - Virtual size: 6.0MB

.reloc
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 168KB - Virtual size: 168KB