ca6280ed93d6c3e0f5dce6d39edd9303e63385f16084b5c8ec37eea456157702

Sharing

Copy URL Twitter E-mail

General

Target

ca6280ed93d6c3e0f5dce6d39edd9303e63385f16084b5c8ec37eea456157702
Size

18KB
MD5

344791ee32b7e7e147e18ab8ae6717e3
SHA1

3a1cf591fa6f37203acb5806dff27425dcf81ee5
SHA256

ca6280ed93d6c3e0f5dce6d39edd9303e63385f16084b5c8ec37eea456157702
SHA512

4c39ff780e9e781c12ec6f4809c7a4a1d08f80abc12f052c1dc914b72ba3e4d3b8dc866da401a394fdccbf14c8c683d3aea8541459c00903e44c43dfb8a0902b
SSDEEP

384:UpG4WrQLdSFaugFIKEfervAdn6S8TeIQH:UpyrQLdSFafI9eEdn2eIQH

Score

N/A

Malware Config

Signatures

Files

ca6280ed93d6c3e0f5dce6d39edd9303e63385f16084b5c8ec37eea456157702
.exe windows x86

b4f1c4b437733e1ed2d4a638b747a49d

Code Sign

47:5a:de:f4:0a:d5:5d:b1:4a:8f:f3:53:bd:17:64:43
Certificate

Issuer

CN=551212512

Not Before

12/02/2012, 09:34

Not After

31/12/2039, 23:59

Subject

CN=551212512

Extended Key Usages

ExtKeyUsageCodeSigning

49:f6:dd:a0:73:f4:2e:c7:4d:85:00:69:99:31:48:df:d5:1a:95:ae
Signer

Actual PE Digest

49:f6:dd:a0:73:f4:2e:c7:4d:85:00:69:99:31:48:df:d5:1a:95:ae

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=551212512

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA

msvcrt

memset

user32

LoadBitmapA

advapi32

RegOpenKeyExA

shlwapi

UrlGetLocationA
UrlUnescapeA
UrlIsNoHistoryW
AssocCreate
AssocQueryStringA
GetMenuPosFromID
PathAddBackslashA
PathAddBackslashW
PathAddExtensionW
PathAppendA
PathBuildRootW
PathCombineA
PathCommonPrefixW
PathFindExtensionW
PathFindFileNameW
PathFindOnPathA
PathGetArgsA
PathGetCharTypeA
PathGetCharTypeW
PathIsContentTypeW
PathIsDirectoryW
PathIsFileSpecA
PathIsFileSpecW
PathIsPrefixW
PathIsRelativeA
PathIsRelativeW
PathIsUNCA
PathIsUNCServerA
PathIsUNCServerShareA
PathMakePrettyA
PathMatchSpecA
PathRemoveArgsA
PathRemoveBackslashW
PathRemoveBlanksW
PathRemoveExtensionW
PathRemoveFileSpecW
PathSearchAndQualifyW
PathSetDlgItemPathA
PathSetDlgItemPathW
PathStripPathA
PathUnquoteSpacesW
SHAutoComplete
SHCreateShellPalette
SHCreateStreamOnFileA
SHDeleteEmptyKeyW
SHDeleteValueW
SHGetThreadRef
SHGetValueA
SHOpenRegStreamA
SHQueryValueExA
SHQueryValueExW
SHRegCreateUSKeyA
SHRegEnumUSKeyA
SHRegGetUSValueW
SHRegOpenUSKeyW
SHRegQueryInfoUSKeyA
SHRegQueryUSValueA
SHRegQueryUSValueW
SHRegSetUSValueA
SHRegWriteUSValueA
SHStrDupA
StrCSpnIA
StrCatBuffW
StrChrA
StrCmpIW
StrCmpNIA
StrCmpNW
StrFormatByteSize64A
StrIsIntlEqualA
StrPBrkA
StrRChrW
StrRStrIA
StrRStrIW
StrRetToBufA
StrRetToStrA
StrRetToStrW
StrSpnA
StrStrA
StrStrIA
StrStrIW
StrStrW
StrToIntW
UrlCompareW
UrlCreateFromPathW

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4f1c4b437733e1ed2d4a638b747a49d

Code Sign

47:5a:de:f4:0a:d5:5d:b1:4a:8f:f3:53:bd:17:64:43Certificate

Extended Key Usages

49:f6:dd:a0:73:f4:2e:c7:4d:85:00:69:99:31:48:df:d5:1a:95:aeSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

shlwapi

version

Sections

.text Size: 4KB - Virtual size: 4KB

.text1 Size: 1024B - Virtual size: 1000B

.text2 Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 88B

.rsrc Size: 2KB - Virtual size: 1KB

47:5a:de:f4:0a:d5:5d:b1:4a:8f:f3:53:bd:17:64:43
Certificate

49:f6:dd:a0:73:f4:2e:c7:4d:85:00:69:99:31:48:df:d5:1a:95:ae
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 4KB - Virtual size: 4KB

.text1
Size: 1024B - Virtual size: 1000B

.text2
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 88B

.rsrc
Size: 2KB - Virtual size: 1KB