cf1544b4da889d1f0f9a3f2e9e7c482099c60559b5b069e2982a59f9a5299301

Sharing

Copy URL Twitter E-mail

General

Target

cf1544b4da889d1f0f9a3f2e9e7c482099c60559b5b069e2982a59f9a5299301
Size

173KB
MD5

aa557808c2c74210d1f7c0d1aae00c82
SHA1

705ee5783426879dafffbd3652e7f38cda899c81
SHA256

cf1544b4da889d1f0f9a3f2e9e7c482099c60559b5b069e2982a59f9a5299301
SHA512

acead5122d618f621aeb13ec2304dcd31add524f7f5dfc2a1045a906b9dc73c1444fab85ea7489b89bc5a01982f314ceac75e4f12803294f82dddef86c99bc34
SSDEEP

3072:Fa0fBVJXIEwmBsuwgvpgnCDYYieG4SvIxmI38MMCQstFZEW5zBnFYfnLuMY:IG+ssQve+IeG4SvI3MYFZEWnn4SMY

Score

N/A

Malware Config

Signatures

Files

cf1544b4da889d1f0f9a3f2e9e7c482099c60559b5b069e2982a59f9a5299301
.exe windows x86

ca5205d29d2e0fa326b0238a3aaed518

Code Sign

2f:6d:1b:0d:3e:bb:b8:8b:4a:0f:b2:46:69:8a:ad:c2
Certificate

Issuer

CN=Application Compatibility UI

Not Before

31/12/2008, 16:00

Not After

31/12/2014, 16:00

Subject

CN=Application Compatibility UI

Extended Key Usages

ExtKeyUsageCodeSigning

d7:29:48:30:33:c4:fe:6d:2f:97:91:58:ca:68:49:79:03:89:4e:a2
Signer

Actual PE Digest

d7:29:48:30:33:c4:fe:6d:2f:97:91:58:ca:68:49:79:03:89:4e:a2

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Application Compatibility UI

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
GetModuleHandleA
GetProcAddress
VirtualProtect

user32

GetKeyboardType
MessageBoxA

advapi32

RegQueryValueExA

Sections

0
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

)
Size: - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

%
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

!
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

5
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

)
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

#
Size: 512B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

*
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9
Size: 169KB - Virtual size: 169KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

#
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca5205d29d2e0fa326b0238a3aaed518

Code Sign

2f:6d:1b:0d:3e:bb:b8:8b:4a:0f:b2:46:69:8a:ad:c2Certificate

Extended Key Usages

d7:29:48:30:33:c4:fe:6d:2f:97:91:58:ca:68:49:79:03:89:4e:a2Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

0 Size: - Virtual size: 15KB

) Size: - Virtual size: 164B

% Size: - Virtual size: 1KB

! Size: - Virtual size: 1KB

5 Size: - Virtual size: 8B

) Size: 512B - Virtual size: 24B

6 Size: - Virtual size: 1KB

# Size: 512B - Virtual size: 124KB

* Size: - Virtual size: 16KB

9 Size: 169KB - Virtual size: 169KB

# Size: 512B - Virtual size: 80B

2f:6d:1b:0d:3e:bb:b8:8b:4a:0f:b2:46:69:8a:ad:c2
Certificate

d7:29:48:30:33:c4:fe:6d:2f:97:91:58:ca:68:49:79:03:89:4e:a2
Signer

01/12/2022, 14:34
Valid: false

0
Size: - Virtual size: 15KB

)
Size: - Virtual size: 164B

%
Size: - Virtual size: 1KB

!
Size: - Virtual size: 1KB

5
Size: - Virtual size: 8B

)
Size: 512B - Virtual size: 24B

6
Size: - Virtual size: 1KB

#
Size: 512B - Virtual size: 124KB

*
Size: - Virtual size: 16KB

9
Size: 169KB - Virtual size: 169KB

#
Size: 512B - Virtual size: 80B