ca78c65a19484c0fd3300423ca325801e874dae5b92300b2259ffd08b67ebd47

Sharing

Copy URL

Twitter E-mail

General

Target

ca78c65a19484c0fd3300423ca325801e874dae5b92300b2259ffd08b67ebd47
Size

325KB
MD5

d77131bce087f96924e281ef510c19b4
SHA1

91b40074f5efcc3f570067752703ea9d2998fb7b
SHA256

ca78c65a19484c0fd3300423ca325801e874dae5b92300b2259ffd08b67ebd47
SHA512

9fc3ec0849afc3c88b917c9fc4eb392c259c4b667cb212f5c7f2b73f8d1fafc283365ecdaf8bda4d865a5a1579ef2f0cca9b8a700d7f3d04b9fa3c51602947e8
SSDEEP

6144:be3NlYQGajfevbl/RM2k1Pt+LCJ8kOp4x1mMwO9eGGxMbaCw3ovUxY:q3XtRjf85i2kT+LBXpDMjefxOaCw3oIY

Score

N/A

Malware Config

Signatures

Files

ca78c65a19484c0fd3300423ca325801e874dae5b92300b2259ffd08b67ebd47
.exe windows x86

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

Issuer

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Not Before

23/01/2013, 18:13

Not After

31/12/2039, 23:59

Subject

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

Extended Key Usages

ExtKeyUsageCodeSigning

02:5a:6b:7c:b2:f5:c6:5f:ff:d9:0e:07:1b:c1:71:fb:a9:08:5a:d4
Signer

Actual PE Digest

02:5a:6b:7c:b2:f5:c6:5f:ff:d9:0e:07:1b:c1:71:fb:a9:08:5a:d4

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=99818423945557345441449878765547442456928866767918827368261976484851898342761913594992196975363836497319382637632569255628795451453624967647616715124687429

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetProcAddress
LoadLibraryExA

user32

PostQuitMessage
DefWindowProcA
LoadIconA
LoadCursorA
GetClientRect

gdi32

DeleteEnhMetaFile
CloseEnhMetaFile
LineTo
CreateEnhMetaFileA
Rectangle
MoveToEx
PlayEnhMetaFile

Sections

.text
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1857747c043cb479846bd5be2b04d87f

Code Sign

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6Certificate

Extended Key Usages

02:5a:6b:7c:b2:f5:c6:5f:ff:d9:0e:07:1b:c1:71:fb:a9:08:5a:d4Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 315KB - Virtual size: 314KB

.data Size: 1KB - Virtual size: 1KB

.rdata2 Size: 512B - Virtual size: 100B

.rsrc Size: 2KB - Virtual size: 2KB

51:31:82:28:1b:07:33:b8:4a:75:e4:e4:b9:cb:7e:f6
Certificate

02:5a:6b:7c:b2:f5:c6:5f:ff:d9:0e:07:1b:c1:71:fb:a9:08:5a:d4
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 315KB - Virtual size: 314KB

.data
Size: 1KB - Virtual size: 1KB

.rdata2
Size: 512B - Virtual size: 100B

.rsrc
Size: 2KB - Virtual size: 2KB