ae21a02cc4ecfa55f82430c90891bc85848bfeee1f7413908173d9808adb284b

Sharing

Copy URL Twitter E-mail

General

Target

ae21a02cc4ecfa55f82430c90891bc85848bfeee1f7413908173d9808adb284b
Size

224KB
MD5

717abfafaa6abeb01ce2ef032313db3e
SHA1

6b4af985622d0ba4d0b4ac7fe9a771f71d6cdb12
SHA256

ae21a02cc4ecfa55f82430c90891bc85848bfeee1f7413908173d9808adb284b
SHA512

f0fdfea801907478838fbc6911df2264a011751eecf14ae2fb21c87336437bc979ae5901b2fe739ca8e1e6069e118c978e59b0aaae83ff213e9016ec2e00bc90
SSDEEP

3072:W5842KUE2D/d1V0qgsj0o0rjpLIMPnXsblxZfOB5VtiMUuL+xjGkqydRrlrD:E2KUb5D0qVMjh9PXtB5VKEZm

Score

N/A

Malware Config

Signatures

Files

ae21a02cc4ecfa55f82430c90891bc85848bfeee1f7413908173d9808adb284b
.exe windows x86

d9d13f95e4f51abbb53bb7e3d046d359

Code Sign

76:14:16:b8:26:67:75:70:bf:e9:40:1e:93:4c:4e:f1
Certificate

Issuer

CN=a

Not Before

04/02/2013, 16:41

Not After

31/12/2039, 23:59

Subject

CN=a

Extended Key Usages

ExtKeyUsageCodeSigning

dd:76:be:e2:d3:95:36:75:e7:40:03:24:77:63:05:7d:36:aa:ae:26
Signer

Actual PE Digest

dd:76:be:e2:d3:95:36:75:e7:40:03:24:77:63:05:7d:36:aa:ae:26

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=a

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
HeapAlloc
HeapCreate
GetCurrentThreadId
HeapFree
HeapReAlloc
InterlockedExchange
IsDBCSLeadByte
LCMapStringA
LCMapStringW
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind
SetEndOfFile
SetFileAttributesA
SetFilePointer
SetHandleCount
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
GetCurrentProcess
GetCurrentProcessId
GetCommandLineA
GetCPInfo
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FindNextFileA
FindFirstFileA
FindClose
ExpandEnvironmentStringsA
ExitProcess
DeleteFileA
CreateProcessA
CreateFileA
CreateDirectoryExA
CreateDirectoryA
CopyFileA
CloseHandle
ReadFile
HeapDestroy
VirtualAllocEx

gdi32

GetStockObject

advapi32

RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges
RegOpenKeyW
RegSetValueExA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

shlwapi

PathRemoveFileSpecA
wnsprintfA
StrStrIA
StrCatBuffA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d9d13f95e4f51abbb53bb7e3d046d359

Code Sign

76:14:16:b8:26:67:75:70:bf:e9:40:1e:93:4c:4e:f1Certificate

Extended Key Usages

dd:76:be:e2:d3:95:36:75:e7:40:03:24:77:63:05:7d:36:aa:ae:26Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

advapi32

ole32

shlwapi

Sections

.text Size: 14KB - Virtual size: 13KB

.data Size: 33KB - Virtual size: 33KB

.rdata6 Size: 512B - Virtual size: 100B

.rdata5 Size: 512B - Virtual size: 100B

.rdata4 Size: 512B - Virtual size: 100B

.rdata3 Size: 512B - Virtual size: 100B

.rdata2 Size: 166KB - Virtual size: 166KB

.rsrc Size: 1024B - Virtual size: 133KB

76:14:16:b8:26:67:75:70:bf:e9:40:1e:93:4c:4e:f1
Certificate

dd:76:be:e2:d3:95:36:75:e7:40:03:24:77:63:05:7d:36:aa:ae:26
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 33KB - Virtual size: 33KB

.rdata6
Size: 512B - Virtual size: 100B

.rdata5
Size: 512B - Virtual size: 100B

.rdata4
Size: 512B - Virtual size: 100B

.rdata3
Size: 512B - Virtual size: 100B

.rdata2
Size: 166KB - Virtual size: 166KB

.rsrc
Size: 1024B - Virtual size: 133KB