882df878eb4334c09f84edee0ff7d34d87477e7b51d98973fdc1cc6c7e39fab6

Sharing

Copy URL Twitter E-mail

General

Target

882df878eb4334c09f84edee0ff7d34d87477e7b51d98973fdc1cc6c7e39fab6
Size

321KB
MD5

2eb76aca39c69317b85363bf717d98ea
SHA1

dc86324f65cebfdabb2e0e53f2f2cd8f8e065d4c
SHA256

882df878eb4334c09f84edee0ff7d34d87477e7b51d98973fdc1cc6c7e39fab6
SHA512

aa04d287fb44dff22cf480f5c12bbe2dda7f374556909a65e4042fce4be6c31cf36acb95c6bb4104b6de5897a342038e05208200af427873de10111cc7765370
SSDEEP

6144:kMoglb8bGq+ueVxmAvEUkUCAocZJb0dT/mVhRHOqFEGcWSAy:k5Gqam0E2C8b0detEGZSj

Score

N/A

Malware Config

Signatures

Files

882df878eb4334c09f84edee0ff7d34d87477e7b51d98973fdc1cc6c7e39fab6
.exe windows x86

55904a9d93ef1744035f5cb61bd03e3a

Code Sign

75:94:49:e1:66:f5:9f:8c:4c:3e:3b:82:27:cc:5a:11
Certificate

Issuer

CN=253322

Not Before

05/02/2012, 19:33

Not After

31/12/2039, 23:59

Subject

CN=253322

Extended Key Usages

ExtKeyUsageCodeSigning

9c:c6:8a:13:fc:28:a4:72:d0:26:ab:6b:48:4d:6d:36:b5:28:a9:13
Signer

Actual PE Digest

9c:c6:8a:13:fc:28:a4:72:d0:26:ab:6b:48:4d:6d:36:b5:28:a9:13

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=253322

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetThreadLocale
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VerSetConditionMask
ClearCommError
GetTimeFormatW
CompareStringA
LoadLibraryExA
UpdateResourceA
SetConsoleCursorInfo
GetSystemInfo
FlushConsoleInputBuffer
GetTempPathW
FindResourceExA
GlobalFindAtomW
GlobalAlloc
SystemTimeToFileTime
GetModuleHandleA
WaitForMultipleObjects
DeleteFileW
GetFileInformationByHandle
lstrcat
CreateProcessW
GetPrivateProfileSectionNamesA
GetConsoleAliasExesA
DosDateTimeToFileTime
PostQueuedCompletionStatus
ReadDirectoryChangesW
GetProcessVersion
SetProcessPriorityBoost
GetUserDefaultLCID
Module32NextW
EnumDateFormatsExW
SetProcessAffinityMask
UnregisterWait
lstrcmpA
SetComputerNameExW
GetDriveTypeA
EnumTimeFormatsA
GetTapeParameters
FindCloseChangeNotification
OpenJobObjectW
SetConsoleDisplayMode
EnumSystemLanguageGroupsA
CreateMailslotA
GetConsoleAliasA
GlobalFlags
GlobalAddAtomW
DeleteFiber
MapUserPhysicalPages
GetCurrencyFormatA
SetUnhandledExceptionFilter
EnumCalendarInfoExA
CreateHardLinkW
UnregisterWaitEx
GetSystemTimeAsFileTime
InterlockedExchangeAdd
MoveFileW
GetFileAttributesExA
CompareStringW
DeleteVolumeMountPointA
SetSystemTime
GetBinaryTypeA
ReadFile
GetProfileStringA
GetVolumePathNameW
IsProcessorFeaturePresent
VerifyVersionInfoW
GetSystemWindowsDirectoryW
FreeConsole
CancelTimerQueueTimer
FindFirstChangeNotificationA
LockResource
ProcessIdToSessionId
FileTimeToLocalFileTime
DefineDosDeviceA
EnumResourceLanguagesW
SetLocaleInfoW
GetConsoleWindow
GetConsoleCP
InitializeCriticalSection
GetSystemDefaultLangID
EnumResourceTypesA
FindFirstFileW
RtlFillMemory
OpenSemaphoreA
HeapValidate
UpdateResourceW
CreateRemoteThread
HeapAlloc
FreeUserPhysicalPages
GlobalFix

user32

LoadIconW
ChangeDisplaySettingsA
GetKeyState
DefWindowProcW
GetProcessDefaultLayout
CreateDialogParamA
DlgDirListW
WINNLSGetIMEHotkey
EnumDesktopsW
SendMessageA
EndTask
GetMenuStringW
GetWindowLongA
SetParent
DdeNameService
CharUpperBuffA
SetPropA
DlgDirSelectExA
UnregisterClassA
GetWindowTextLengthA
CharToOemBuffW
ScreenToClient
SetMenuItemBitmaps
GetCursorInfo
DdeUnaccessData
WINNLSGetEnableStatus
IsChild
OpenDesktopA
GetUpdateRect
GetLastActivePopup
VkKeyScanExW
CreateWindowExW
LoadBitmapW
IsClipboardFormatAvailable
OemKeyScan
SetWindowsHookExW
LookupIconIdFromDirectoryEx
DeleteMenu
SetCapture
InSendMessageEx
GetClipboardFormatNameA
VkKeyScanW
LoadMenuIndirectW
CascadeWindows
IsWindowUnicode
DialogBoxIndirectParamW
CreateAcceleratorTableW
DdeUninitialize
ToAscii
IsRectEmpty
GrayStringW
GetAltTabInfoA
SetWindowsHookW
LoadCursorA
ChildWindowFromPointEx
OpenWindowStationW
GetMenuStringA
IMPGetIMEA
EnumWindows
DrawStateW
ShowCursor
GetMenuItemInfoW
DestroyWindow
RegisterShellHookWindow
SetProcessDefaultLayout
DefDlgProcA
InvalidateRect
SendMessageCallbackA
RemoveMenu
PostThreadMessageW
SetWindowWord
SetSystemCursor
IsCharAlphaW
SetUserObjectInformationA
ShowOwnedPopups
GetCursor
EmptyClipboard
CharNextExA
GetClientRect
CharToOemBuffA
TrackPopupMenu
IntersectRect
ValidateRgn
DialogBoxParamW
GetTitleBarInfo
UnhookWindowsHookEx
SetWindowsHookA
GetClipboardData
CreateIconFromResource
GetMenuContextHelpId
SetDeskWallpaper
CharUpperBuffW
ActivateKeyboardLayout

advapi32

RegOpenKeyExW

ole32

CoDisableCallCancellation
CoEnableCallCancellation
OleFlushClipboard
HICON_UserFree
OleLoad
OleMetafilePictFromIconAndLabel
CreateObjrefMoniker
CLIPFORMAT_UserMarshal
OleRegGetUserType
CoGetStdMarshalEx
UtConvertDvtd32toDvtd16
CoReactivateObject
CoGetClassObject
STGMEDIUM_UserSize
HBRUSH_UserMarshal
CoUnloadingWOW
StgGetIFillLockBytesOnILockBytes
CoDeactivateObject
SetDocumentBitStg
OleDraw
CoGetObjectContext
HBITMAP_UserSize
CoAddRefServerProcess
OleCreateLinkEx
CoTreatAsClass
WriteClassStm
DllDebugObjectRPCHook
HWND_UserFree
CreateOleAdviseHolder
WriteOleStg
CoTaskMemAlloc
ReadClassStm
OleConvertIStorageToOLESTREAMEx
SNB_UserSize
StgConvertPropertyToVariant
OleLoadFromStream
ReadClassStg
StgIsStorageILockBytes
CoQueryAuthenticationServices
CoGetCancelObject
StgCreateDocfile
OleBuildVersion
OleCreate
CoMarshalInterface
HDC_UserFree
HPALETTE_UserMarshal
OleGetIconOfFile
CoUninitialize
OleCreateFromFile
WriteClassStg
CoLockObjectExternal
GetHookInterface
WdtpInterfacePointer_UserSize
CoRegisterMallocSpy
CoGetTreatAsClass
PropStgNameToFmtId
HBRUSH_UserUnmarshal
StringFromCLSID
WriteFmtUserTypeStg
HACCEL_UserMarshal
STGMEDIUM_UserFree
GetHGlobalFromStream
HENHMETAFILE_UserUnmarshal
CoRevokeMallocSpy
StgCreatePropSetStg
CoCreateObjectInContext
OleSetClipboard
HBITMAP_UserUnmarshal
HACCEL_UserUnmarshal
OleCreateLinkFromData
UtGetDvtd32Info
CoSetProxyBlanket
CoSwitchCallContext
GetDocumentBitStg
CoRegisterSurrogate
CoGetObject
OleGetIconOfClass
OleUninitialize
CoCancelCall
HDC_UserMarshal
OleRegEnumVerbs

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55904a9d93ef1744035f5cb61bd03e3a

Code Sign

75:94:49:e1:66:f5:9f:8c:4c:3e:3b:82:27:cc:5a:11Certificate

Extended Key Usages

9c:c6:8a:13:fc:28:a4:72:d0:26:ab:6b:48:4d:6d:36:b5:28:a9:13Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 3KB - Virtual size: 3KB

.text3 Size: 1KB - Virtual size: 1KB

.text2 Size: 301KB - Virtual size: 301KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

75:94:49:e1:66:f5:9f:8c:4c:3e:3b:82:27:cc:5a:11
Certificate

9c:c6:8a:13:fc:28:a4:72:d0:26:ab:6b:48:4d:6d:36:b5:28:a9:13
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 3KB - Virtual size: 3KB

.text3
Size: 1KB - Virtual size: 1KB

.text2
Size: 301KB - Virtual size: 301KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB