c6d742203f5b7e5b9f1112a21d5b427e5c48e07e16b042e25650fd6495e0ab03

Sharing

Copy URL Twitter E-mail

General

Target

c6d742203f5b7e5b9f1112a21d5b427e5c48e07e16b042e25650fd6495e0ab03
Size

150KB
MD5

5b4ee9d4c368f04533044568db2705f5
SHA1

5c2ee2cb88e45760a7e366e3537557a51e1f6456
SHA256

c6d742203f5b7e5b9f1112a21d5b427e5c48e07e16b042e25650fd6495e0ab03
SHA512

71b5e2bd037cd39e2c831ada5ad1df34014f28eca44e859169da729254714c1dadb4896ffbfbacb452d1b7ae2f1d5de032aa7ae0be8300f90db4fe652bbc4016
SSDEEP

3072:YEsWXgbebo9ySYLHXOpULn0waRwUuj+fvacOVNpkl0:YE3XgsnO+L0PHaVNpkl0

Score

N/A

Malware Config

Signatures

Files

c6d742203f5b7e5b9f1112a21d5b427e5c48e07e16b042e25650fd6495e0ab03
.exe windows x86

9b6e0695e1473c8ee9fd7be9cc3cb2a3

Code Sign

5e:3e:7f:be:33:99:9a:7e:b2:42:e0:c5:73:b1:a4:ad
Certificate

Issuer

CN=11495241195584149473579422884538747644267492481797242633432131322829462838864744465326458884695286777678664452353234864354842728946851575688741717386483856

Not Before

17/01/2013, 17:02

Not After

31/12/2039, 23:59

Subject

CN=11495241195584149473579422884538747644267492481797242633432131322829462838864744465326458884695286777678664452353234864354842728946851575688741717386483856

Extended Key Usages

ExtKeyUsageCodeSigning

24:19:8f:5f:03:fc:dd:4f:6a:be:07:7a:cc:fe:42:80:d9:02:f5:92
Signer

Actual PE Digest

24:19:8f:5f:03:fc:dd:4f:6a:be:07:7a:cc:fe:42:80:d9:02:f5:92

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=11495241195584149473579422884538747644267492481797242633432131322829462838864744465326458884695286777678664452353234864354842728946851575688741717386483856

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
ExitProcess
VirtualAllocEx
SetUnhandledExceptionFilter
GetCommandLineW
GetModuleHandleW
WideCharToMultiByte
VirtualAlloc
VirtualFree
GetTempFileNameA
GetWindowsDirectoryA
FileTimeToSystemTime
ExpandEnvironmentStringsA
SearchPathA
GetTempPathA
GetFileAttributesA
CopyFileA
CreateFileA
DeleteFileA
CompareFileTime
CompareStringA
GetLocaleInfoW
FormatMessageA
GetSystemTime
IsBadStringPtrA
IsBadStringPtrW
IsBadWritePtr
ResumeThread
TerminateThread
WaitForMultipleObjects
GetSystemDefaultLCID
lstrcpyW
SetLastError
FlushInstructionCache
lstrcmpiA
lstrcmpA
SetFilePointer
MoveFileExW
SetErrorMode
CreateFileMappingA
CreateMutexA
DuplicateHandle
CreateProcessW
ReleaseMutex
GlobalLock
GlobalUnlock
VirtualQuery
GetSystemInfo
GetVersion
VirtualProtect
FindClose
MoveFileW
LocalAlloc
IsDBCSLeadByteEx
GlobalAlloc
SetThreadLocale
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
LocalFree
OpenEventW
SetEvent
ResetEvent
DeleteFileW
CompareStringW
WriteFile
lstrcpynW
lstrcmpW
lstrlenW
lstrcmpiW
CreateFileW
GetLastError
GetFileSize
MultiByteToWideChar
LoadLibraryW
GetProcAddress
FreeLibrary
GetTickCount
lstrlenA
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
Sleep
CreateEventW
CreateThread
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThread
FindResourceA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
RaiseException
GetVersionExW

user32

LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
BeginPaint
GetClientRect
EndPaint
PostQuitMessage
DefWindowProcA
LoadCursorW
SetCursor
DialogBoxParamW
GetForegroundWindow
SetForegroundWindow
EndDialog
GetWindowTextW
SetWindowTextW
SetFocus
SetTimer
GetDlgItem
SendMessageW
GetWindowRect
MapDialogRect
PostMessageW
KillTimer
MessageBoxA
MessageBoxW
CharLowerW

gdi32

GetStockObject
CreateEnhMetaFileA
Rectangle
MoveToEx
LineTo
CloseEnhMetaFile
PlayEnhMetaFile
DeleteEnhMetaFile

advapi32

RegOpenKeyExA
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegEnumValueW
RegDeleteKeyW
GetUserNameW
RegDeleteValueW

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9b6e0695e1473c8ee9fd7be9cc3cb2a3

Code Sign

5e:3e:7f:be:33:99:9a:7e:b2:42:e0:c5:73:b1:a4:adCertificate

Extended Key Usages

24:19:8f:5f:03:fc:dd:4f:6a:be:07:7a:cc:fe:42:80:d9:02:f5:92Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 111KB - Virtual size: 110KB

.data Size: 14KB - Virtual size: 13KB

.data7 Size: 512B - Virtual size: 100B

.data6 Size: 512B - Virtual size: 100B

.data5 Size: 512B - Virtual size: 100B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 716B

5e:3e:7f:be:33:99:9a:7e:b2:42:e0:c5:73:b1:a4:ad
Certificate

24:19:8f:5f:03:fc:dd:4f:6a:be:07:7a:cc:fe:42:80:d9:02:f5:92
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 111KB - Virtual size: 110KB

.data
Size: 14KB - Virtual size: 13KB

.data7
Size: 512B - Virtual size: 100B

.data6
Size: 512B - Virtual size: 100B

.data5
Size: 512B - Virtual size: 100B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 716B