c6924a6062c6385f63f3664436a46a2b7ac5e47230b4e52517ff17fd8d714523

Sharing

Copy URL Twitter E-mail

General

Target

c6924a6062c6385f63f3664436a46a2b7ac5e47230b4e52517ff17fd8d714523
Size

55KB
MD5

35741f0d4532f3da39957998e17b6520
SHA1

54e63c195a422fba0186075f5e365f5d1ea77880
SHA256

c6924a6062c6385f63f3664436a46a2b7ac5e47230b4e52517ff17fd8d714523
SHA512

92efe1b4f744a4e74bc409e0be4817002cfbeb7e8cb03c08186800399a5282101118e1891e2017fdda1c7869e9f8e6cc4588725bc126c317de0e6ff91ef46c52
SSDEEP

768:zqCZUJBNwXVjdpNY7/tjatq1vOsbcPJmSZbBpHjUOlssO+wcSDPnGMEau8n7:zrmwXVjOPOXBmSLhNNGDvlExc

Score

N/A

Malware Config

Signatures

Files

c6924a6062c6385f63f3664436a46a2b7ac5e47230b4e52517ff17fd8d714523
.dll windows x86

8946be53441b3ea767587ba1182f91a9

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

Issuer

CN=NCrG992VieeQ

Not Before

14/03/2012, 06:19

Not After

31/12/2039, 23:59

Subject

CN=NCrG992VieeQ

Extended Key Usages

ExtKeyUsageCodeSigning

48:5f:8f:9b:57:ac:2d:43:82:fb:e5:c7:0e:d5:50:9c:56:d0:16:9e
Signer

Actual PE Digest

48:5f:8f:9b:57:ac:2d:43:82:fb:e5:c7:0e:d5:50:9c:56:d0:16:9e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NCrG992VieeQ

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
InterlockedCompareExchange
lstrcpyA
lstrlenA
GetWindowsDirectoryA
GetProcAddress
CreateFileA
VirtualAlloc
BeginUpdateResourceA
BuildCommDCBAndTimeoutsA
CancelIo
CreateHardLinkW
CreateJobObjectW
CreateTapePartition
DefineDosDeviceA
DefineDosDeviceW
EnterCriticalSection
EnumDateFormatsExW
EnumResourceLanguagesA
EnumResourceTypesW
EnumSystemLanguageGroupsA
EnumTimeFormatsW
EnumUILanguagesA
FileTimeToSystemTime
FindAtomA
FindClose
FlushInstructionCache
FoldStringA
GetBinaryType
GetCPInfo
GetCPInfoExA
GetCommModemStatus
GetConsoleAliasesA
GetConsoleAliasesLengthA
GetConsoleAliasesW
GetConsoleMode
GetCurrentDirectoryA
GetCurrentDirectoryW
GetDefaultCommConfigW
GetDriveTypeA
GetFileSizeEx
GetLocalTime
GetLocaleInfoA
GetLogicalDriveStringsA
GetModuleFileNameA
GetProcessAffinityMask
GetShortPathNameA
GetShortPathNameW
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeExW
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryA
GetTapeStatus
GetTempPathA
GetTempPathW
GetThreadPriorityBoost
GetThreadSelectorEntry
GetTimeZoneInformation
GetUserDefaultLangID
GetVersionExW
GetVolumePathNameW
GlobalMemoryStatusEx
GlobalReAlloc
Heap32Next
HeapCompact
HeapFree
HeapLock
HeapUnlock
InterlockedIncrement
IsBadStringPtrW
IsDBCSLeadByteEx
IsValidLanguageGroup
IsValidLocale
LoadLibraryExW
LoadLibraryW
LoadModule
LocalFileTimeToFileTime
LocalHandle
LocalShrink
MoveFileA
OpenSemaphoreW
OpenWaitableTimerA
ReleaseMutex
ReplaceFileW
SetComputerNameA
SetComputerNameExA
SetComputerNameExW
SetComputerNameW
SetEnvironmentVariableW
SetLastError
SetThreadPriority
Thread32Next
VerLanguageNameA
VerLanguageNameW
VerifyVersionInfoW
VirtualProtect
WaitForMultipleObjects
WriteConsoleOutputW
WritePrivateProfileStringA
WritePrivateProfileStructW
lstrcatA
lstrcmpiW

user32

OpenClipboard
OpenIcon
RemovePropW
ScreenToClient
ScrollWindowEx
SendIMEMessageExA
SendMessageW
SetActiveWindow
SetCaretPos
SetClipboardViewer
SetDebugErrorLevel
SetDlgItemTextW
SetWindowLongW
SetWindowsHookExA
ShowCaret
SwitchDesktop
SystemParametersInfoA
ToAscii
TrackPopupMenuEx
UnloadKeyboardLayout
UnregisterClassA
VkKeyScanExA
WindowFromPoint
wsprintfA
wvsprintfA
OemToCharBuffA
OemKeyScan
MessageBoxW
MessageBoxExW
MapWindowPoints
MapVirtualKeyA
LoadIconW
LoadBitmapA
IsZoomed
IsWindowUnicode
IsWindow
IsDialogMessage
IMPGetIMEW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
GetWindowRect
GetWindowDC
GetWindowContextHelpId
GetThreadDesktop
GetPriorityClipboardFormat
GetMouseMovePointsEx
GetMessagePos
GetMenuStringA
GetMenuInfo
GetMenuDefaultItem
GetLastInputInfo
GetKeyboardLayoutNameW
GetKeyboardLayout
GetKeyState
GetDlgItemTextW
GetClipCursor
GetClassNameW
GetClassInfoExA
GetAncestor
EnumDisplaySettingsA
EnumDisplayDevicesW
EnumDisplayDevicesA
EnumDesktopsW
EnableWindow
EmptyClipboard
DrawTextW
DrawTextExW
DrawStateA
DragObject
DlgDirSelectComboBoxExW
DialogBoxIndirectParamW
DefWindowProcW
DefFrameProcW
DdePostAdvise
DdeImpersonateClient
DdeEnableCallback
DdeConnectList
DdeAccessData
CreateIconIndirect
CreateDialogParamA
CreateDesktopW
CreateCursor
CountClipboardFormats
CopyRect
CopyAcceleratorTableA
CheckRadioButton
CharUpperBuffA
ChangeMenuW
ChangeDisplaySettingsA
CascadeWindows
EndPaint

shell32

SHBrowseForFolderA
Shell_NotifyIconW
Shell_NotifyIcon
ShellExecuteW
ShellAboutA
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHInvokePrinterCommandW
SHInvokePrinterCommandA
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetSettings
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractIconExA
ExtractIconExW
FindExecutableA
SHGetPathFromIDListW
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
WOWShellExecute
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExA
SHCreateDirectoryExW
SHEmptyRecycleBinW
SHFileOperation
SHFreeNameMappings
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoW
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListA

shlwapi

StrChrIA
StrChrIW
StrCmpNIA
StrCmpNIW
StrCmpNW
StrRChrA
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW
StrStrIA
StrStrIW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8946be53441b3ea767587ba1182f91a9

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3bCertificate

Extended Key Usages

48:5f:8f:9b:57:ac:2d:43:82:fb:e5:c7:0e:d5:50:9c:56:d0:16:9eSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 12KB - Virtual size: 11KB

.text1 Size: 20KB - Virtual size: 19KB

.data Size: 1024B - Virtual size: 944B

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 2KB - Virtual size: 1KB

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

48:5f:8f:9b:57:ac:2d:43:82:fb:e5:c7:0e:d5:50:9c:56:d0:16:9e
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 12KB - Virtual size: 11KB

.text1
Size: 20KB - Virtual size: 19KB

.data
Size: 1024B - Virtual size: 944B

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 2KB - Virtual size: 1KB