c442e5ca7f5b7997b0b44206cb0d89e8e090c096e6c324195d950567c12a2fee

Sharing

Copy URL

Twitter E-mail

General

Target

c442e5ca7f5b7997b0b44206cb0d89e8e090c096e6c324195d950567c12a2fee
Size

285KB
MD5

5a8878fcda35af358bef603953056800
SHA1

b3559b3eda46658056501c4fac892cb97cb97c47
SHA256

c442e5ca7f5b7997b0b44206cb0d89e8e090c096e6c324195d950567c12a2fee
SHA512

d92e88e995af7d282ec76297f22a0ef5f653ee120370e46d02a0a641f835b66d63e225ffd90ed31d20a1f65e1f3d30aed6c2dace878804426a4c248f0de4f07b
SSDEEP

3072:5uCxpSpxdrtyRk5eqV7rQyK88qmTbuJZT8unE7Pt9atVr5wfcfImaetvEiYxZwd9:5DiNrtyR8rq8aeLVnE7PbavRcpZvD9o

Score

N/A

Malware Config

Signatures

Files

c442e5ca7f5b7997b0b44206cb0d89e8e090c096e6c324195d950567c12a2fee
.exe windows x86

2d9f9dc159f8bcc692f23ecd45dc3b4e

Code Sign

7c:ed:f3:be:ea:46:8d:b2:44:9d:fd:5a:6d:29:4d:8e
Certificate

Issuer

CN=14527315717411392566623576816413966692124999737792658814863137562572395631753654774747394454759993464814217265772991364424451636158411615217592725787975156

Not Before

19/01/2013, 06:22

Not After

31/12/2039, 23:59

Subject

CN=14527315717411392566623576816413966692124999737792658814863137562572395631753654774747394454759993464814217265772991364424451636158411615217592725787975156

Extended Key Usages

ExtKeyUsageCodeSigning

18:d5:8e:55:ca:cd:64:38:81:6e:65:c1:bc:cd:a2:69:53:ab:f4:bd
Signer

Actual PE Digest

18:d5:8e:55:ca:cd:64:38:81:6e:65:c1:bc:cd:a2:69:53:ab:f4:bd

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=14527315717411392566623576816413966692124999737792658814863137562572395631753654774747394454759993464814217265772991364424451636158411615217592725787975156

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
ReadFile
VirtualAlloc

user32

MessageBeep
MessageBoxW
PostMessageW
PostQuitMessage
RegisterClassW
ReleaseCapture
ReleaseDC
SendMessageW
SetCapture
LoadStringW
SetDlgItemInt
SetTimer
SetWindowPos
SetWindowTextW
ShowCursor
ShowWindow
SystemParametersInfoW
TranslateAcceleratorW
TranslateMessage
UpdateWindow
WinHelpW
wsprintfW
LoadIconW
LoadCursorW
LoadBitmapW
LoadAcceleratorsW
KillTimer
IsIconic
InvalidateRect
GetWindowRect
GetWindowDC
GetSystemMetrics
GetSysColor
GetMessageW
GetMenu
GetDlgItemInt
GetDlgItem
GetDesktopWindow
GetDC
GetClientRect
FlashWindow
EndPaint
EndDialog
EnableMenuItem
DrawMenuBar
DispatchMessageW
DialogBoxParamW
DefWindowProcW
CreateWindowExW
BeginPaint
SetCursor

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
TextOutW
StretchBlt
SetTextColor
SetRectRgn
SetPixel
SetBkColor
SelectObject
PatBlt
MoveToEx
LineTo
GetTextMetricsW
GetTextExtentPoint32W
GetStockObject
GetPixel
GetDeviceCaps
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePen
CreateICW
CreateFontIndirectW
BitBlt

advapi32

RegOpenKeyA

Sections

.text
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ata2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d9f9dc159f8bcc692f23ecd45dc3b4e

Code Sign

7c:ed:f3:be:ea:46:8d:b2:44:9d:fd:5a:6d:29:4d:8eCertificate

Extended Key Usages

18:d5:8e:55:ca:cd:64:38:81:6e:65:c1:bc:cd:a2:69:53:ab:f4:bdSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 270KB - Virtual size: 269KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 532B

.ata7 Size: 512B - Virtual size: 100B

.ata6 Size: 512B - Virtual size: 100B

.ata5 Size: 512B - Virtual size: 100B

.ata4 Size: 512B - Virtual size: 100B

.ata3 Size: 512B - Virtual size: 100B

.ata2 Size: 512B - Virtual size: 100B

.rsrc Size: 3KB - Virtual size: 2KB

7c:ed:f3:be:ea:46:8d:b2:44:9d:fd:5a:6d:29:4d:8e
Certificate

18:d5:8e:55:ca:cd:64:38:81:6e:65:c1:bc:cd:a2:69:53:ab:f4:bd
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 270KB - Virtual size: 269KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 532B

.ata7
Size: 512B - Virtual size: 100B

.ata6
Size: 512B - Virtual size: 100B

.ata5
Size: 512B - Virtual size: 100B

.ata4
Size: 512B - Virtual size: 100B

.ata3
Size: 512B - Virtual size: 100B

.ata2
Size: 512B - Virtual size: 100B

.rsrc
Size: 3KB - Virtual size: 2KB