c94d6193bef2d0bbf8b26bb38c687173063d0a09ca078d2b5f43111e11f81626

Sharing

Copy URL

Twitter E-mail

General

Target

c94d6193bef2d0bbf8b26bb38c687173063d0a09ca078d2b5f43111e11f81626
Size

72KB
MD5

64c48cc95ae447425d3ce27880b73264
SHA1

2e49b4042d7c3994fcb855d96a0baaa4844ad034
SHA256

c94d6193bef2d0bbf8b26bb38c687173063d0a09ca078d2b5f43111e11f81626
SHA512

52a231e9c305289745028bf3460128f84b632d07c45cc18149770bd99eb3a82c403bbdc3aa7ba80fbbc9d92acd15c718ba77c2e88f5557a582ae4ea21c2b2005
SSDEEP

1536:x/9vFBbWXDbX1phklCV6xRxGR5PpNRLhGjcI92GFVh3dr:59tBazbFpGSOcNRNGtfr

Score

N/A

Malware Config

Signatures

Files

c94d6193bef2d0bbf8b26bb38c687173063d0a09ca078d2b5f43111e11f81626
.exe windows x86

fbce3773a1f8ae211a8c4b2d666c7a7b

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

Issuer

CN=234g634gh3

Not Before

26-02-2012 06:07

Not After

31-12-2039 23:59

Subject

CN=234g634gh3

Extended Key Usages

ExtKeyUsageCodeSigning

a8:7d:95:28:45:85:4b:5f:c8:ee:52:74:b1:4a:7e:39:25:70:10:23
Signer

Actual PE Digest

a8:7d:95:28:45:85:4b:5f:c8:ee:52:74:b1:4a:7e:39:25:70:10:23

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=234g634gh3

01-12-2022 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetProcAddress
LoadLibraryA
InterlockedCompareExchange

user32

DragObject
DrawCaption
DrawIcon
DrawTextExA
EditWndProc
EndTask
EnumDisplayMonitors
EnumDisplaySettingsA
EnumDisplaySettingsExW
EnumDisplaySettingsW
ExcludeUpdateRgn
FillRect
FindWindowA
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetClassInfoExA
GetClipboardSequenceNumber
GetDoubleClickTime
GetFocus
GetGUIThreadInfo
GetKBCodePage
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuItemID
GetMenuItemInfoW
GetMenuItemRect
GetMenuStringW
GetMonitorInfoA
GetScrollInfo
GetWindow
GetWindowInfo
GetWindowModuleFileName
GetWindowModuleFileNameW
GetWindowThreadProcessId
InSendMessage
InsertMenuA
InternalGetWindowText
IsCharAlphaNumericW
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsZoomed
LoadBitmapW
LoadCursorFromFileA
MessageBoxIndirectA
MessageBoxIndirectW
ModifyMenuA
MonitorFromWindow
OemKeyScan
OpenDesktopA
PackDDElParam
PeekMessageA
PostMessageW
RegisterClassExA
RegisterDeviceNotificationA
RemovePropA
ScreenToClient
SendMessageW
SetClassLongA
SetCursorPos
SetDlgItemInt
SetMenuItemInfoW
SetWindowTextW
SwapMouseButton
SystemParametersInfoW
UnpackDDElParam
UserHandleGrantAccess
VkKeyScanA
WinHelpW
wsprintfW
wvsprintfW
DispatchMessageA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DestroyMenu
DefFrameProcA
DdeSetQualityOfService
DdeQueryStringW
DdeKeepStringHandle
CreateWindowStationW
CreateWindowStationA
CreateDialogParamW
CreateCaret
CopyImage
CopyAcceleratorTableW
ChildWindowFromPointEx
CheckDlgButton
CharUpperBuffW
CharToOemBuffA
CharNextW
CallMsgFilter
AttachThreadInput

comdlg32

ChooseColorA
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
ChooseColorW

ole32

BindMoniker
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserSize
CLSIDFromProgIDEx
CoCancelCall
CoCreateInstance
CoFileTimeToDosDateTime
CoGetCallerTID
CoGetCurrentLogicalThreadId
CoGetInterfaceAndReleaseStream
CoGetObjectContext
CoGetStdMarshalEx
CoInitialize
CoLoadLibrary
CoRegisterPSClsid
CoRegisterSurrogate
CoResumeClassObjects
CoRevertToSelf
CoRevokeMallocSpy
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoTestCancel
CoTreatAsClass
CoUninitialize
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateItemMoniker
CreateStdProgressIndicator
EnableHookObject
GetConvertStg
GetDocumentBitStg
GetHGlobalFromStream
GetHookInterface
HACCEL_UserMarshal
HBITMAP_UserUnmarshal
HBRUSH_UserSize
HDC_UserUnmarshal
HENHMETAFILE_UserSize
HGLOBAL_UserFree
HMENU_UserMarshal
HMENU_UserUnmarshal
HPALETTE_UserFree
HPALETTE_UserMarshal
HPALETTE_UserSize
HPALETTE_UserUnmarshal
HWND_UserUnmarshal
IsAccelerator
OleConvertIStorageToOLESTREAMEx
OleCreateEx
OleCreateFromData
OleCreateLink
OleCreateLinkEx
OleCreateStaticFromData
OleDraw
OleGetClipboard
OleGetIconOfClass
OleInitialize
OleLockRunning
OleRegEnumFormatEtc
OleRegEnumVerbs
OleRun
OleSetAutoConvert
OleSetClipboard
OleUninitialize
ProgIDFromCLSID
PropVariantCopy
ReadClassStg
ReadFmtUserTypeStg
RevokeDragDrop
SetDocumentBitStg
StgConvertVariantToProperty
StgCreateDocfile
StgCreatePropStg
StgCreateStorageEx
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenStorage
StgOpenStorageOnILockBytes
StgPropertyLengthAsVariant
StringFromCLSID
StringFromIID
WriteClassStm
WriteFmtUserTypeStg

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbce3773a1f8ae211a8c4b2d666c7a7b

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5aCertificate

Extended Key Usages

a8:7d:95:28:45:85:4b:5f:c8:ee:52:74:b1:4a:7e:39:25:70:10:23Signer

Signature Validations

Verification

01-12-2022 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 1024B - Virtual size: 648B

.text Size: 58KB - Virtual size: 57KB

.reloc Size: 2KB - Virtual size: 1KB

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

a8:7d:95:28:45:85:4b:5f:c8:ee:52:74:b1:4a:7e:39:25:70:10:23
Signer

01-12-2022 14:34
Valid: false

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 648B

.text
Size: 58KB - Virtual size: 57KB

.reloc
Size: 2KB - Virtual size: 1KB