55e5a53e6a253024a8b48d080a23a5eeef193a4172014d651e6f9c81717d09f5

Sharing

Copy URL Twitter E-mail

General

Target

55e5a53e6a253024a8b48d080a23a5eeef193a4172014d651e6f9c81717d09f5
Size

356KB
MD5

ea736e417c7845b5100e571a376ecb3b
SHA1

9bd4b41b83c6134678ac2ceba4922fc4262eaa46
SHA256

55e5a53e6a253024a8b48d080a23a5eeef193a4172014d651e6f9c81717d09f5
SHA512

534fbaabb1fe563a40ca9f6c89df22bf68246884eb202ea4ae7db2bab5d371cbcdd2d5519851b57cbd93287edad2b3cfb58751b66b88c8a71b680bc40e5097a1
SSDEEP

6144:AXXJbyC050AlEVStmUWOGNMrmK+klko4EokttfxDn6FPn7DC:AXXJb0rmUnGRK+klkSo8tePn7DC

Score

N/A

Malware Config

Signatures

Files

55e5a53e6a253024a8b48d080a23a5eeef193a4172014d651e6f9c81717d09f5
.exe windows x86

f726b6b0fadc07e630b512d337a5534f

Code Sign

3c:a2:ac:cf:ba:9b:d4:8f:48:09:8c:05:ae:26:8d:9d
Certificate

Issuer

CN=bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb zpGj8cc28il7tGJpL3Bn2AGpLw4a9Agv7mouGDpzi3exC2nKkHJA5Hekjjb4sGsAFcfuECsC57nmli4u3Kvk1fc LIvom3nMsaAiMH j7EGg3tevl2llDhJ6mbFtBDjpnu2GL4kv1wB1GvqwL1c7fkny7aiw1cL1h5CazHfJkeGhldrBm 67ocd5upipnpArpK3szodIlhILM2zska45qL8hwx3dHhii9FacdGksGl1k796g5ovmtCHKrbbgv6mkJ9bqsjMfaFrvFHL5Jz32 FI9p2bigutwnM1HEuq8j4EwqKdnk8qCEcpGk7Mhr3v96jp5Jhyv7gqtepbjlAMxoDg85Lop5E4y4Ec8s3mzleh5lJlssC5xIcBi9hhj5ryjtwp3cv7DxgyCMm21AFqG2nagqJ93iIlHJ85bILma1axFBokiacbdrxggMab1nAjx9dsegIL4nvdai2H42y4A1j91Fidyf7n8LpIcc5fEhklEJh5GusEFxzDz k9cKM J2ctzfHw9qhAbI6HGoGq4AbGLeK gm4jyMbarJfge5eqAih2jzi zbHA5elBL8HDtuKBAqj82wH7nHrHnd4ytj 7KzLvcLAMu943ek1exMwnnuv3q5sbpnBojCcmgd77ioDqg9g8bL 27ofApxG57u Awav3od4ebrrAFbwmhE8J5h6Ea5twbLFu1Kg Gjeag7gx151L16o55FCCK7r7ruLmdagJvGiyu8cfBbKu i5CvpHHvHgnGuryunxnJ6ud3zaerMA3LC9zeABF5kkiaAIGBwmDzkK7hJMEvr2Gr25BJsDEqlbk3qLweJ1v8xu3tqL2vi2cAjzvz9Jpolfg4rxAfAzbfvM3sELya6ts c2pAo1nJdL2ucH8r4qoHnrBIfc heouAhHdDI6awqkc5Ei1gEiInrB854nnebalLjArfyAoHltbgnEexvouGgLpIpBasfClsys6teFnc6iIdgHupfLn1ooMMM8BDhxl9cdq8KzzwfkIKoKemgvFv61wDKjlwhsxzxfClvGLzCjlwEeb9zduMfeJelzeAjr6ggGk6fzbrzFJ5IL4IGlhHFEJsyGEp3FA5K9AA75vHEIa I 1FxnhhfhxMd1IdABlGzau8KGtCFjqsqeano6ucrdKMKE6mp1a1hliFMyy2uyAuHm3AIBEfhagnAcpsMkpeBEGLIkAvL8IMsMl33hjjlblxB4dj oF9JomMdr1z65vzC4rJloluz7FcMFKC2E8uIjbjK982klG9nI96vA1idMMiLlKx9unM2b eh4skgw4zglxutd7ge5eHakKJ3h3axvEzyJmGxmMlExo9aHbmK9LJbn9M79FEFb 3Jer6M6ltKegACFLChHFH4KJI9nD12v971cfze7yFnLu2L3 muurdJBjeyz2eesLu4mrlFsE7A4LKsEww3M25KqaqdA6g714C19poJGintaaxyojx4HHvilC738Lie85MHK7LBotpzAhz1AJ97IljDhErq6HwG4K2ubxsrDnBwFvlnMyActDs AsbDxfahdtnM2jpt4vFDKqzkF93mjoju z352D6 K9j768wlHzdlh7exijrG8D9dEpg3BzLcgy74LlkGJKl5h7wFF458DB9yD9f41jrmxoqj9zCJaiuMgbFBDrg5aeBjyynCFkLfK3fJ37hAvvMyEErqMIJBoeop x4sipAbz7jyEfdn4M2xyyBpr2qshvu5qprD2 ufhFc8mDdhEIevILAfLyaF7ld3lzg51MweJmvzhby62lAMuw5DEFEAraMor4A2kejrFMueszv9mGcKF 6fb5KAt8517Jqxjw6Lcan9ptDJr6 n4E9u8CGBt2o fCpu5G965j5DGhl1roFd3n3AJgpD1tcJBqr3k1LAAqqawBjwFw 4mMBDIvoczo9G69ungdFo3h4dd2Ilq9Mo2n3KGqg aaaaaaaaaaaaaaaaaaaaaaa

Not Before

08/01/2013, 18:21

Not After

31/12/2039, 23:59

Subject

CN=bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb zpGj8cc28il7tGJpL3Bn2AGpLw4a9Agv7mouGDpzi3exC2nKkHJA5Hekjjb4sGsAFcfuECsC57nmli4u3Kvk1fc LIvom3nMsaAiMH j7EGg3tevl2llDhJ6mbFtBDjpnu2GL4kv1wB1GvqwL1c7fkny7aiw1cL1h5CazHfJkeGhldrBm 67ocd5upipnpArpK3szodIlhILM2zska45qL8hwx3dHhii9FacdGksGl1k796g5ovmtCHKrbbgv6mkJ9bqsjMfaFrvFHL5Jz32 FI9p2bigutwnM1HEuq8j4EwqKdnk8qCEcpGk7Mhr3v96jp5Jhyv7gqtepbjlAMxoDg85Lop5E4y4Ec8s3mzleh5lJlssC5xIcBi9hhj5ryjtwp3cv7DxgyCMm21AFqG2nagqJ93iIlHJ85bILma1axFBokiacbdrxggMab1nAjx9dsegIL4nvdai2H42y4A1j91Fidyf7n8LpIcc5fEhklEJh5GusEFxzDz k9cKM J2ctzfHw9qhAbI6HGoGq4AbGLeK gm4jyMbarJfge5eqAih2jzi zbHA5elBL8HDtuKBAqj82wH7nHrHnd4ytj 7KzLvcLAMu943ek1exMwnnuv3q5sbpnBojCcmgd77ioDqg9g8bL 27ofApxG57u Awav3od4ebrrAFbwmhE8J5h6Ea5twbLFu1Kg Gjeag7gx151L16o55FCCK7r7ruLmdagJvGiyu8cfBbKu i5CvpHHvHgnGuryunxnJ6ud3zaerMA3LC9zeABF5kkiaAIGBwmDzkK7hJMEvr2Gr25BJsDEqlbk3qLweJ1v8xu3tqL2vi2cAjzvz9Jpolfg4rxAfAzbfvM3sELya6ts c2pAo1nJdL2ucH8r4qoHnrBIfc heouAhHdDI6awqkc5Ei1gEiInrB854nnebalLjArfyAoHltbgnEexvouGgLpIpBasfClsys6teFnc6iIdgHupfLn1ooMMM8BDhxl9cdq8KzzwfkIKoKemgvFv61wDKjlwhsxzxfClvGLzCjlwEeb9zduMfeJelzeAjr6ggGk6fzbrzFJ5IL4IGlhHFEJsyGEp3FA5K9AA75vHEIa I 1FxnhhfhxMd1IdABlGzau8KGtCFjqsqeano6ucrdKMKE6mp1a1hliFMyy2uyAuHm3AIBEfhagnAcpsMkpeBEGLIkAvL8IMsMl33hjjlblxB4dj oF9JomMdr1z65vzC4rJloluz7FcMFKC2E8uIjbjK982klG9nI96vA1idMMiLlKx9unM2b eh4skgw4zglxutd7ge5eHakKJ3h3axvEzyJmGxmMlExo9aHbmK9LJbn9M79FEFb 3Jer6M6ltKegACFLChHFH4KJI9nD12v971cfze7yFnLu2L3 muurdJBjeyz2eesLu4mrlFsE7A4LKsEww3M25KqaqdA6g714C19poJGintaaxyojx4HHvilC738Lie85MHK7LBotpzAhz1AJ97IljDhErq6HwG4K2ubxsrDnBwFvlnMyActDs AsbDxfahdtnM2jpt4vFDKqzkF93mjoju z352D6 K9j768wlHzdlh7exijrG8D9dEpg3BzLcgy74LlkGJKl5h7wFF458DB9yD9f41jrmxoqj9zCJaiuMgbFBDrg5aeBjyynCFkLfK3fJ37hAvvMyEErqMIJBoeop x4sipAbz7jyEfdn4M2xyyBpr2qshvu5qprD2 ufhFc8mDdhEIevILAfLyaF7ld3lzg51MweJmvzhby62lAMuw5DEFEAraMor4A2kejrFMueszv9mGcKF 6fb5KAt8517Jqxjw6Lcan9ptDJr6 n4E9u8CGBt2o fCpu5G965j5DGhl1roFd3n3AJgpD1tcJBqr3k1LAAqqawBjwFw 4mMBDIvoczo9G69ungdFo3h4dd2Ilq9Mo2n3KGqg aaaaaaaaaaaaaaaaaaaaaaa

Extended Key Usages

ExtKeyUsageCodeSigning

9e:46:20:2e:37:bc:43:10:e8:6b:39:62:b0:c3:7d:82:0c:92:c1:ba
Signer

Actual PE Digest

9e:46:20:2e:37:bc:43:10:e8:6b:39:62:b0:c3:7d:82:0c:92:c1:ba

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=bbbbbbbbbbbbbbbbbbbbbbbbbbbbbb zpGj8cc28il7tGJpL3Bn2AGpLw4a9Agv7mouGDpzi3exC2nKkHJA5Hekjjb4sGsAFcfuECsC57nmli4u3Kvk1fc LIvom3nMsaAiMH j7EGg3tevl2llDhJ6mbFtBDjpnu2GL4kv1wB1GvqwL1c7fkny7aiw1cL1h5CazHfJkeGhldrBm 67ocd5upipnpArpK3szodIlhILM2zska45qL8hwx3dHhii9FacdGksGl1k796g5ovmtCHKrbbgv6mkJ9bqsjMfaFrvFHL5Jz32 FI9p2bigutwnM1HEuq8j4EwqKdnk8qCEcpGk7Mhr3v96jp5Jhyv7gqtepbjlAMxoDg85Lop5E4y4Ec8s3mzleh5lJlssC5xIcBi9hhj5ryjtwp3cv7DxgyCMm21AFqG2nagqJ93iIlHJ85bILma1axFBokiacbdrxggMab1nAjx9dsegIL4nvdai2H42y4A1j91Fidyf7n8LpIcc5fEhklEJh5GusEFxzDz k9cKM J2ctzfHw9qhAbI6HGoGq4AbGLeK gm4jyMbarJfge5eqAih2jzi zbHA5elBL8HDtuKBAqj82wH7nHrHnd4ytj 7KzLvcLAMu943ek1exMwnnuv3q5sbpnBojCcmgd77ioDqg9g8bL 27ofApxG57u Awav3od4ebrrAFbwmhE8J5h6Ea5twbLFu1Kg Gjeag7gx151L16o55FCCK7r7ruLmdagJvGiyu8cfBbKu i5CvpHHvHgnGuryunxnJ6ud3zaerMA3LC9zeABF5kkiaAIGBwmDzkK7hJMEvr2Gr25BJsDEqlbk3qLweJ1v8xu3tqL2vi2cAjzvz9Jpolfg4rxAfAzbfvM3sELya6ts c2pAo1nJdL2ucH8r4qoHnrBIfc heouAhHdDI6awqkc5Ei1gEiInrB854nnebalLjArfyAoHltbgnEexvouGgLpIpBasfClsys6teFnc6iIdgHupfLn1ooMMM8BDhxl9cdq8KzzwfkIKoKemgvFv61wDKjlwhsxzxfClvGLzCjlwEeb9zduMfeJelzeAjr6ggGk6fzbrzFJ5IL4IGlhHFEJsyGEp3FA5K9AA75vHEIa I 1FxnhhfhxMd1IdABlGzau8KGtCFjqsqeano6ucrdKMKE6mp1a1hliFMyy2uyAuHm3AIBEfhagnAcpsMkpeBEGLIkAvL8IMsMl33hjjlblxB4dj oF9JomMdr1z65vzC4rJloluz7FcMFKC2E8uIjbjK982klG9nI96vA1idMMiLlKx9unM2b eh4skgw4zglxutd7ge5eHakKJ3h3axvEzyJmGxmMlExo9aHbmK9LJbn9M79FEFb 3Jer6M6ltKegACFLChHFH4KJI9nD12v971cfze7yFnLu2L3 muurdJBjeyz2eesLu4mrlFsE7A4LKsEww3M25KqaqdA6g714C19poJGintaaxyojx4HHvilC738Lie85MHK7LBotpzAhz1AJ97IljDhErq6HwG4K2ubxsrDnBwFvlnMyActDs AsbDxfahdtnM2jpt4vFDKqzkF93mjoju z352D6 K9j768wlHzdlh7exijrG8D9dEpg3BzLcgy74LlkGJKl5h7wFF458DB9yD9f41jrmxoqj9zCJaiuMgbFBDrg5aeBjyynCFkLfK3fJ37hAvvMyEErqMIJBoeop x4sipAbz7jyEfdn4M2xyyBpr2qshvu5qprD2 ufhFc8mDdhEIevILAfLyaF7ld3lzg51MweJmvzhby62lAMuw5DEFEAraMor4A2kejrFMueszv9mGcKF 6fb5KAt8517Jqxjw6Lcan9ptDJr6 n4E9u8CGBt2o fCpu5G965j5DGhl1roFd3n3AJgpD1tcJBqr3k1LAAqqawBjwFw 4mMBDIvoczo9G69ungdFo3h4dd2Ilq9Mo2n3KGqg aaaaaaaaaaaaaaaaaaaaaaa

28/11/2022, 11:52
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetLocalTime
GetLocaleInfoA
GetOEMCP
GetSystemTime
HeapAlloc
HeapFree
HeapReAlloc
InterlockedExchange
LoadLibraryA
RtlUnwind
SetEndOfFile
GetCPInfo
SystemTimeToFileTime
GetFileSize
VirtualAlloc
VirtualFree
VirtualQuery
WriteFile
lstrcmpA
lstrcmpiA
lstrlenA
lstrcatA
GetSystemDirectoryA
ReadFile
GetACP
FindNextFileA
FindFirstFileA
TlsSetValue
GetDiskFreeSpaceA
FindClose
DeleteFileA
CreateFileA
CreateDirectoryA
SetFilePointer
CloseHandle

user32

MessageBoxA
OffsetRect
PeekMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetWindowPos
ShowWindow
SystemParametersInfoA
TranslateMessage
LoadCursorA
LoadStringA
IsDlgButtonChecked
IsDialogMessageA
GetWindowRect
GetParent
GetDlgItem
GetDesktopWindow
EndDialog
DispatchMessageA
DialogBoxParamA
DestroyWindow
CheckDlgButton
CharPrevA
CreateDialogParamA

advapi32

RegCloseKey
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExA
RegOverridePredefKey

ole32

CoInitialize
CoGetMalloc
CoCreateInstance
CoTaskMemRealloc
CoUninitialize

shlwapi

wnsprintfA
StrFormatByteSize64A

comctl32

InitCommonControlsEx

msvcrt

memcpy

Sections

.text
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f726b6b0fadc07e630b512d337a5534f

Code Sign

3c:a2:ac:cf:ba:9b:d4:8f:48:09:8c:05:ae:26:8d:9dCertificate

Extended Key Usages

9e:46:20:2e:37:bc:43:10:e8:6b:39:62:b0:c3:7d:82:0c:92:c1:baSigner

Signature Validations

Verification

28/11/2022, 11:52 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shlwapi

comctl32

msvcrt

Sections

.text Size: 336KB - Virtual size: 335KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 92B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.rsrc Size: 3KB - Virtual size: 2KB

3c:a2:ac:cf:ba:9b:d4:8f:48:09:8c:05:ae:26:8d:9d
Certificate

9e:46:20:2e:37:bc:43:10:e8:6b:39:62:b0:c3:7d:82:0c:92:c1:ba
Signer

28/11/2022, 11:52
Valid: false

.text
Size: 336KB - Virtual size: 335KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 92B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.rsrc
Size: 3KB - Virtual size: 2KB