bcaf4f74465dd6543b43d46497e79d71bac5136b3c9c8ece29cd965563b7b496

Sharing

Copy URL Twitter E-mail

General

Target

bcaf4f74465dd6543b43d46497e79d71bac5136b3c9c8ece29cd965563b7b496
Size

288KB
MD5

e70a95d5191a66aec9278470eace92c0
SHA1

7abe74a861fc3a031ff04ebedf893c0885b2d1db
SHA256

bcaf4f74465dd6543b43d46497e79d71bac5136b3c9c8ece29cd965563b7b496
SHA512

d5ce730a4d2ce123b9ba3370657eb9cac9be07e8f9701ba36e6746e76751fe2d5ec5e40e063c38f5dba5cf3b5237c3d2ad24f9ffa7ead39bac5d64c0c68d30fa
SSDEEP

6144:rXQgPMjj2UoEA4fE9vbppCJz1BfsR/5CEIHK3j/:rAgEjj274clQJYdK0r

Score

N/A

Malware Config

Signatures

Files

bcaf4f74465dd6543b43d46497e79d71bac5136b3c9c8ece29cd965563b7b496
.exe windows x86

601db19cceb9d822e7c42d46e21abb91

Code Sign

2b:3e:ce:43:49:e5:e9:bb:43:b8:1f:91:45:53:d4:b0
Certificate

Issuer

CN=jhjkkkkkkkkkkkkkkkkkkkkkkkkkkkk D6Fe16q4yMwpwCc pDKmCrkt5LukAMDaGED6nGnnaI1fnc3awGGlpJ uEuGMoEgki5JJr ueJLL4AaJduLmifzInbyGbx4lzL395Do pAdnto8n9g2ICirqyFxAvhLqxGdp15LsAnH9hluIjIJrGsKAhru4ueHEhHm3w6r8 DGd2CBqsye m4dMFakcfL2mhycKi6udeaoIpc4h7bHEAzDg89wyBq2q42h33qrjmKisgefhHeGfkCzrq84H696Jjncl2n7EgeppEE n14v94KDba7FJbwHcdrbtaLfGirpjifg52JBsDw47s9gHlI7HaFffIDAvsa1hM8rvuGB1E6eJ qmA4k4 mkhjleICmAgajk8gi3io5BB6Eu fz15f4qBaLbjnF9bi5m7nr6ysmarBMoIotGK6rzp6jB1yAsKCmog3ecbjBvJvd8Hl8gbgswaEKpfhc7s4a8kKKkDCmaCLv71xFh71ckCJs3rftJ4cH9qsfH9FF51DaD1pt7HLoptM4ubtLH8jI2idlqqB8dd1kbq5Fpa928r C3gkx6wBgq9s2gg2Kb1Ja8iMD67hE4Kvg9aGhC1h6bhDEolJGgsIJyc4Eg I3EmjGqjFAmqt12cann7h8GqzL5Ar3es9Hwi4nK4F3salM lCAIhn86ta 6FC9Ecuocpa5Iq6wK2MhmCg2tmIiCGCnx9cIyyfJ2fsnxGjBg97mBdi4umrx1oqm2waHiAMtoCr1GG5txMLyDBimam4Ma2uD5biuFctIcokEgrlAM9jkCC3w6hmflCF6Gf7ouaHfKuI2n3uCbLr6drM7h43mjr5KGjpp7yfm3 bjjgCav4chILhHEbyJ aKz6z4qp6HfI1Ej8Eduro5evuM5r74329g43g5mKGlKqKlexBj2vxMHAB2KDzgBt86axGiKfFn44GDtirjz8rBJCqew6sMcCyff3p7sj4ouKMBApooIxJk8vCJmDD bkLrByHlz1tCnJ a8pyFG9Lm6yM6L2gzocjptm 4stAq43rcGzntd1bxq5hIE6xoz42dJnCiMIz9qpGeMhe5A6wepv 2yhDzsc HEtCaudCFKIeM sBr3csahuw5m4Au4z5keInEBIKDx53mEmt3Gl8BxMulGJDBKMy3otyMhl8Fvd9cbAqxtac2IvG 5wlfhtFAvM32AEKqHp5ig9lpz8Lmhbv2sJc3d1x3iepjArLFxAmfMIb4dH6rIFLsyxeLziuh44tmstmeomnMvcIIw hcIJ7JG8K rHd4rDk Hv5Hbdk4r9tc47mgJkIjKxLM1nbq8sKm2HgpGGqt8rmKK32gB2vl7lr1KAkFlu5h agx1 7xruz8xBwgn9mp1 bB27EDptKu9bnBpdc3rj1yAKdMop7F4f9Ctnra9lz6Icy6KEeg9HJCAkqe KjurMIqwBzx8l5fAeMADnjjw53geeM4yd89KrICEjtpfgrB6ekH ezy7u9lHwyl2dn4M3Bl3zoEra6jdFLaescvvj9KC8hwJjsh3xpqF7Dvrvg62enkD5zaIEspJxap4881wnlyBsDCzpnb5yxDqBuKna9zcLJ263gfD1HA2sx5FanIF3ii5fc39uaHr x2gIMssqx tnmFDmiyDEnIkt1Jw4HJ78fsi3CLwcMC22G1vjB7h2IBh 96CainkiM9Jtp D2hIo6qJpt4J1d25L6jcLbcAGadI2d95Ed1BKFIuzEcy7zLyDewfrJJoMpfMnmpBqku5Fujz9Fmjlag7nu8wnHzdw965qwDvAeIxrxbKMmf1bxru2sFthMDo8fKgMgefMgHJGc11fkq7EFjpqgAGskdw7Kgz24tq1ibmFfgqlqutuJ1bFlIwuxHfEbetrgmIt1ArAx1xh33j8tzrF88v 4calzudBGt9cGnGcJ9ogtHiyG1q5Fi9Fm9cvb4yhHID4m6LpgHmM2igC aaaaaaaaaaaaaaaaaaaaaaaaaa

Not Before

11/01/2013, 12:30

Not After

31/12/2039, 23:59

Subject

CN=jhjkkkkkkkkkkkkkkkkkkkkkkkkkkkk D6Fe16q4yMwpwCc pDKmCrkt5LukAMDaGED6nGnnaI1fnc3awGGlpJ uEuGMoEgki5JJr ueJLL4AaJduLmifzInbyGbx4lzL395Do pAdnto8n9g2ICirqyFxAvhLqxGdp15LsAnH9hluIjIJrGsKAhru4ueHEhHm3w6r8 DGd2CBqsye m4dMFakcfL2mhycKi6udeaoIpc4h7bHEAzDg89wyBq2q42h33qrjmKisgefhHeGfkCzrq84H696Jjncl2n7EgeppEE n14v94KDba7FJbwHcdrbtaLfGirpjifg52JBsDw47s9gHlI7HaFffIDAvsa1hM8rvuGB1E6eJ qmA4k4 mkhjleICmAgajk8gi3io5BB6Eu fz15f4qBaLbjnF9bi5m7nr6ysmarBMoIotGK6rzp6jB1yAsKCmog3ecbjBvJvd8Hl8gbgswaEKpfhc7s4a8kKKkDCmaCLv71xFh71ckCJs3rftJ4cH9qsfH9FF51DaD1pt7HLoptM4ubtLH8jI2idlqqB8dd1kbq5Fpa928r C3gkx6wBgq9s2gg2Kb1Ja8iMD67hE4Kvg9aGhC1h6bhDEolJGgsIJyc4Eg I3EmjGqjFAmqt12cann7h8GqzL5Ar3es9Hwi4nK4F3salM lCAIhn86ta 6FC9Ecuocpa5Iq6wK2MhmCg2tmIiCGCnx9cIyyfJ2fsnxGjBg97mBdi4umrx1oqm2waHiAMtoCr1GG5txMLyDBimam4Ma2uD5biuFctIcokEgrlAM9jkCC3w6hmflCF6Gf7ouaHfKuI2n3uCbLr6drM7h43mjr5KGjpp7yfm3 bjjgCav4chILhHEbyJ aKz6z4qp6HfI1Ej8Eduro5evuM5r74329g43g5mKGlKqKlexBj2vxMHAB2KDzgBt86axGiKfFn44GDtirjz8rBJCqew6sMcCyff3p7sj4ouKMBApooIxJk8vCJmDD bkLrByHlz1tCnJ a8pyFG9Lm6yM6L2gzocjptm 4stAq43rcGzntd1bxq5hIE6xoz42dJnCiMIz9qpGeMhe5A6wepv 2yhDzsc HEtCaudCFKIeM sBr3csahuw5m4Au4z5keInEBIKDx53mEmt3Gl8BxMulGJDBKMy3otyMhl8Fvd9cbAqxtac2IvG 5wlfhtFAvM32AEKqHp5ig9lpz8Lmhbv2sJc3d1x3iepjArLFxAmfMIb4dH6rIFLsyxeLziuh44tmstmeomnMvcIIw hcIJ7JG8K rHd4rDk Hv5Hbdk4r9tc47mgJkIjKxLM1nbq8sKm2HgpGGqt8rmKK32gB2vl7lr1KAkFlu5h agx1 7xruz8xBwgn9mp1 bB27EDptKu9bnBpdc3rj1yAKdMop7F4f9Ctnra9lz6Icy6KEeg9HJCAkqe KjurMIqwBzx8l5fAeMADnjjw53geeM4yd89KrICEjtpfgrB6ekH ezy7u9lHwyl2dn4M3Bl3zoEra6jdFLaescvvj9KC8hwJjsh3xpqF7Dvrvg62enkD5zaIEspJxap4881wnlyBsDCzpnb5yxDqBuKna9zcLJ263gfD1HA2sx5FanIF3ii5fc39uaHr x2gIMssqx tnmFDmiyDEnIkt1Jw4HJ78fsi3CLwcMC22G1vjB7h2IBh 96CainkiM9Jtp D2hIo6qJpt4J1d25L6jcLbcAGadI2d95Ed1BKFIuzEcy7zLyDewfrJJoMpfMnmpBqku5Fujz9Fmjlag7nu8wnHzdw965qwDvAeIxrxbKMmf1bxru2sFthMDo8fKgMgefMgHJGc11fkq7EFjpqgAGskdw7Kgz24tq1ibmFfgqlqutuJ1bFlIwuxHfEbetrgmIt1ArAx1xh33j8tzrF88v 4calzudBGt9cGnGcJ9ogtHiyG1q5Fi9Fm9cvb4yhHID4m6LpgHmM2igC aaaaaaaaaaaaaaaaaaaaaaaaaa

Extended Key Usages

ExtKeyUsageCodeSigning

d2:97:19:a2:8e:e8:1f:97:4e:67:c1:ad:b9:8d:38:5b:7f:02:ae:54
Signer

Actual PE Digest

d2:97:19:a2:8e:e8:1f:97:4e:67:c1:ad:b9:8d:38:5b:7f:02:ae:54

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=jhjkkkkkkkkkkkkkkkkkkkkkkkkkkkk D6Fe16q4yMwpwCc pDKmCrkt5LukAMDaGED6nGnnaI1fnc3awGGlpJ uEuGMoEgki5JJr ueJLL4AaJduLmifzInbyGbx4lzL395Do pAdnto8n9g2ICirqyFxAvhLqxGdp15LsAnH9hluIjIJrGsKAhru4ueHEhHm3w6r8 DGd2CBqsye m4dMFakcfL2mhycKi6udeaoIpc4h7bHEAzDg89wyBq2q42h33qrjmKisgefhHeGfkCzrq84H696Jjncl2n7EgeppEE n14v94KDba7FJbwHcdrbtaLfGirpjifg52JBsDw47s9gHlI7HaFffIDAvsa1hM8rvuGB1E6eJ qmA4k4 mkhjleICmAgajk8gi3io5BB6Eu fz15f4qBaLbjnF9bi5m7nr6ysmarBMoIotGK6rzp6jB1yAsKCmog3ecbjBvJvd8Hl8gbgswaEKpfhc7s4a8kKKkDCmaCLv71xFh71ckCJs3rftJ4cH9qsfH9FF51DaD1pt7HLoptM4ubtLH8jI2idlqqB8dd1kbq5Fpa928r C3gkx6wBgq9s2gg2Kb1Ja8iMD67hE4Kvg9aGhC1h6bhDEolJGgsIJyc4Eg I3EmjGqjFAmqt12cann7h8GqzL5Ar3es9Hwi4nK4F3salM lCAIhn86ta 6FC9Ecuocpa5Iq6wK2MhmCg2tmIiCGCnx9cIyyfJ2fsnxGjBg97mBdi4umrx1oqm2waHiAMtoCr1GG5txMLyDBimam4Ma2uD5biuFctIcokEgrlAM9jkCC3w6hmflCF6Gf7ouaHfKuI2n3uCbLr6drM7h43mjr5KGjpp7yfm3 bjjgCav4chILhHEbyJ aKz6z4qp6HfI1Ej8Eduro5evuM5r74329g43g5mKGlKqKlexBj2vxMHAB2KDzgBt86axGiKfFn44GDtirjz8rBJCqew6sMcCyff3p7sj4ouKMBApooIxJk8vCJmDD bkLrByHlz1tCnJ a8pyFG9Lm6yM6L2gzocjptm 4stAq43rcGzntd1bxq5hIE6xoz42dJnCiMIz9qpGeMhe5A6wepv 2yhDzsc HEtCaudCFKIeM sBr3csahuw5m4Au4z5keInEBIKDx53mEmt3Gl8BxMulGJDBKMy3otyMhl8Fvd9cbAqxtac2IvG 5wlfhtFAvM32AEKqHp5ig9lpz8Lmhbv2sJc3d1x3iepjArLFxAmfMIb4dH6rIFLsyxeLziuh44tmstmeomnMvcIIw hcIJ7JG8K rHd4rDk Hv5Hbdk4r9tc47mgJkIjKxLM1nbq8sKm2HgpGGqt8rmKK32gB2vl7lr1KAkFlu5h agx1 7xruz8xBwgn9mp1 bB27EDptKu9bnBpdc3rj1yAKdMop7F4f9Ctnra9lz6Icy6KEeg9HJCAkqe KjurMIqwBzx8l5fAeMADnjjw53geeM4yd89KrICEjtpfgrB6ekH ezy7u9lHwyl2dn4M3Bl3zoEra6jdFLaescvvj9KC8hwJjsh3xpqF7Dvrvg62enkD5zaIEspJxap4881wnlyBsDCzpnb5yxDqBuKna9zcLJ263gfD1HA2sx5FanIF3ii5fc39uaHr x2gIMssqx tnmFDmiyDEnIkt1Jw4HJ78fsi3CLwcMC22G1vjB7h2IBh 96CainkiM9Jtp D2hIo6qJpt4J1d25L6jcLbcAGadI2d95Ed1BKFIuzEcy7zLyDewfrJJoMpfMnmpBqku5Fujz9Fmjlag7nu8wnHzdw965qwDvAeIxrxbKMmf1bxru2sFthMDo8fKgMgefMgHJGc11fkq7EFjpqgAGskdw7Kgz24tq1ibmFfgqlqutuJ1bFlIwuxHfEbetrgmIt1ArAx1xh33j8tzrF88v 4calzudBGt9cGnGcJ9ogtHiyG1q5Fi9Fm9cvb4yhHID4m6LpgHmM2igC aaaaaaaaaaaaaaaaaaaaaaaaaa

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceA
GetFileSize
GetLastError
GetLocalTime
GetLocaleInfoA
GetOEMCP
GetSystemTime
HeapAlloc
HeapFree
HeapReAlloc
InterlockedExchange
LoadLibraryA
RtlUnwind
GetCPInfo
SetFilePointer
SystemTimeToFileTime
TlsSetValue
VirtualAlloc
VirtualFree
VirtualQuery
WriteFile
lstrcmpA
lstrcmpiA
lstrlenA
ReadFile
CloseHandle
GetACP
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
CreateDirectoryA
SetEndOfFile

user32

GetParent
GetWindowRect
IsDialogMessageA
IsDlgButtonChecked
LoadStringA
MessageBoxA
OffsetRect
PeekMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetWindowPos
ShowWindow
SystemParametersInfoA
TranslateMessage
GetDlgItem
GetDesktopWindow
EndDialog
DispatchMessageA
DialogBoxParamA
DestroyWindow
CreateDialogParamA
CheckDlgButton
CharPrevA

advapi32

RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegOverridePredefKey
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

601db19cceb9d822e7c42d46e21abb91

Code Sign

2b:3e:ce:43:49:e5:e9:bb:43:b8:1f:91:45:53:d4:b0Certificate

Extended Key Usages

d2:97:19:a2:8e:e8:1f:97:4e:67:c1:ad:b9:8d:38:5b:7f:02:ae:54Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 267KB - Virtual size: 267KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 360B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.rsrc Size: 3KB - Virtual size: 2KB

2b:3e:ce:43:49:e5:e9:bb:43:b8:1f:91:45:53:d4:b0
Certificate

d2:97:19:a2:8e:e8:1f:97:4e:67:c1:ad:b9:8d:38:5b:7f:02:ae:54
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 267KB - Virtual size: 267KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 360B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.rsrc
Size: 3KB - Virtual size: 2KB