939bb412cc1aaeca5a77d589d8e83b88e75890c64f3070c118ff871671601600

Sharing

Copy URL Twitter E-mail

General

Target

939bb412cc1aaeca5a77d589d8e83b88e75890c64f3070c118ff871671601600
Size

169KB
MD5

f5cc18a1d3b2ee240d226cf9cfaa4500
SHA1

407d54f7ab880b15d6f56333a9f19b0a12222d7b
SHA256

939bb412cc1aaeca5a77d589d8e83b88e75890c64f3070c118ff871671601600
SHA512

9a2211fea152f7fef1fa40232bf8bfbcd420816ca8c39c593ef0a755b82f70b1b06df66ffa56f6072c68dc63dd586bee8997a0b30b404c3bfe202674aec3b26d
SSDEEP

3072:8LbjKmmfcRygt+sX4LdVZtJ6rrRczBpb6K3yGHw6rI2Z+yAV4iP1ry:8LPK/fcRVnIHZtSrRc9cMk6k7ry

Score

N/A

Malware Config

Signatures

Files

939bb412cc1aaeca5a77d589d8e83b88e75890c64f3070c118ff871671601600
.exe windows x86

5138b605466ce8aa0e875e1dbaaf4ce6

Code Sign

71:b4:ae:04:57:56:6c:98:45:20:c8:31:92:a1:1b:eb
Certificate

Issuer

CN=E52K

Not Before

27/06/2012, 05:30

Not After

31/12/2039, 23:59

Subject

CN=E52K

Extended Key Usages

ExtKeyUsageCodeSigning

f8:f6:7d:ce:66:e0:61:81:30:fa:9c:72:1c:d3:27:19:fd:49:3c:5b
Signer

Actual PE Digest

f8:f6:7d:ce:66:e0:61:81:30:fa:9c:72:1c:d3:27:19:fd:49:3c:5b

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=E52K

01/12/2022, 14:35
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFile
LoadLibraryA
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW
GetCommProperties
SetHandleCount
SetThreadExecutionState
IsBadWritePtr
EraseTape
GetConsoleAliasExesW
IsBadReadPtr
GetDiskFreeSpaceW
CreateJobObjectW
lstrcpyA
UnlockFile
SetConsoleActiveScreenBuffer
ScrollConsoleScreenBufferW
GlobalMemoryStatus
SetHandleInformation
BuildCommDCBAndTimeoutsW
SizeofResource
Module32FirstW
SetConsoleCursorInfo
HeapFree
GetHandleInformation
PurgeComm
CreateMutexA
GetPrivateProfileStructW
LockFile
LCMapStringA
SetCalendarInfoW
CancelDeviceWakeupRequest
MoveFileWithProgressW
WritePrivateProfileSectionW
GlobalAddAtomA
BackupRead
GlobalDeleteAtom
AssignProcessToJobObject
GetConsoleAliasesLengthA
FoldStringW
FreeLibraryAndExitThread
GetSystemPowerStatus
GetOEMCP
GetCurrentThread
BuildCommDCBAndTimeoutsA
PeekNamedPipe
IsBadStringPtrA
GenerateConsoleCtrlEvent
GetThreadLocale
GetDriveTypeW
SetFileAttributesW
ReadProcessMemory
EndUpdateResourceA
SetCommBreak
GetTempPathA
ClearCommError
GetComputerNameW
SetConsoleTitleA
WriteProfileStringW
SetFilePointerEx
InterlockedCompareExchange
GlobalGetAtomNameA
lstrlenA
OutputDebugStringA
Heap32First
GetCurrentDirectoryW
GlobalAlloc
GetNumberOfConsoleMouseButtons
ReadConsoleOutputA
OpenProcess
GetSystemInfo
PeekConsoleInputA
SetVolumeMountPointA
GetTempFileNameW
SetProcessWorkingSetSize
GlobalHandle
GetLogicalDriveStringsA
SetDefaultCommConfigA
Process32Next
FindNextVolumeMountPointW
IsDebuggerPresent
AllocConsole
GetConsoleScreenBufferInfo
UnmapViewOfFile
Process32NextW
EnumSystemCodePagesA
GetCommandLineA
GetLogicalDriveStringsW
WritePrivateProfileStructW
GetPrivateProfileStringW
GetVolumePathNameW
FindCloseChangeNotification
CreateEventA
GetConsoleTitleW

user32

SetClassLongA
PostQuitMessage
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
LoadIconA
LoadCursorA
RegisterClassExA
CreateDialogParamA
GetWindowTextLengthA
ToAscii
SetWinEventHook
ScrollWindowEx
mouse_event
IsCharLowerW
LoadCursorFromFileW
SetDeskWallpaper
GetClipboardSequenceNumber
OpenIcon
ChangeMenuA
GetKeyboardLayoutList
GetMenuDefaultItem
IsWindowEnabled
UnhookWindowsHook
DrawEdge
FindWindowExW
TrackPopupMenu
MonitorFromRect
IsRectEmpty
DdeQueryStringA
EnumDisplaySettingsW
IMPSetIMEW
GetSystemMenu
ShowCursor
GetWindowPlacement
CreateIconIndirect
GetClipboardViewer
GetUserObjectSecurity
SetWindowsHookW
GetQueueStatus
MessageBoxIndirectA
EnumThreadWindows
GetWindowTextLengthW
LoadMenuIndirectA
CheckDlgButton
GetWindowRect
GetCursor
EnableMenuItem
InvertRect
EnumDesktopsW
WaitMessage
ScrollDC
EnumPropsA
ChangeMenuW
GetForegroundWindow
DdeFreeStringHandle
GetSysColorBrush
AllowSetForegroundWindow
AppendMenuA
CopyImage
GetUserObjectInformationA
FindWindowW
GetKeyboardLayout
OpenDesktopA
CreateDialogIndirectParamW
OemKeyScan
ChildWindowFromPoint
GetCursorInfo
CreateCursor
GetWindowRgn
GetShellWindow
EnumWindows
RegisterDeviceNotificationA
GetMessagePos
SetProcessWindowStation
GetClassLongW
IMPGetIMEW
WaitForInputIdle
ShowOwnedPopups
GetInputState
GetGuiResources
CascadeWindows
RegisterShellHookWindow
GetTitleBarInfo
SetShellWindow
SetSysColors
GetIconInfo
EndDeferWindowPos
LoadStringW
UpdateLayeredWindow
CharLowerBuffW
GetClipboardFormatNameA
ChildWindowFromPointEx
CharPrevExA
GetNextDlgTabItem
SystemParametersInfoA

gdi32

GetStockObject
DeleteObject
CreateSolidBrush

msvcrt

memset

advapi32

RegOpenKeyExW

shell32

DragQueryFile
FindExecutableA
SHFreeNameMappings
DuplicateIcon
ExtractIconExW
SHGetDataFromIDListA
SHGetDesktopFolder
DoEnvironmentSubstW
SHInvokePrinterCommandW
SHLoadInProc
SHGetPathFromIDListA
SHGetDiskFreeSpaceExW
SHQueryRecycleBinW
ShellHookProc
WOWShellExecute
ShellAboutW
SHGetFileInfoA
SHEmptyRecycleBinA
Shell_NotifyIconW
ShellExecuteW
ExtractAssociatedIconExW
SHFileOperationA
SHGetInstanceExplorer
SHGetFolderPathW
SHGetIconOverlayIndexW
SHFormatDrive
SHGetFolderLocation
ShellExecuteExW
SHIsFileAvailableOffline
SHLoadNonloadedIconOverlayIdentifiers
SHCreateDirectoryExW
DragQueryFileW
SHPathPrepareForWriteA
SHGetSpecialFolderPathW
ExtractAssociatedIconExA
SHGetPathFromIDList
SHChangeNotify
SHAddToRecentDocs
SHGetFileInfo
SHGetSpecialFolderLocation
SHBrowseForFolderW
ExtractIconEx
SHBrowseForFolder
ShellExecuteA
ExtractIconExA
SHCreateProcessAsUserW
SHGetIconOverlayIndexA
SHQueryRecycleBinA
Shell_NotifyIcon
ShellExecuteEx
SHAppBarMessage
SHBrowseForFolderA
SHEmptyRecycleBinW

shlwapi

StrCmpNIW
StrRChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrChrIA
StrRChrA
StrRChrIA
StrRChrW
StrStrIA
StrRStrIA
StrChrA

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5138b605466ce8aa0e875e1dbaaf4ce6

Code Sign

71:b4:ae:04:57:56:6c:98:45:20:c8:31:92:a1:1b:ebCertificate

Extended Key Usages

f8:f6:7d:ce:66:e0:61:81:30:fa:9c:72:1c:d3:27:19:fd:49:3c:5bSigner

Signature Validations

Verification

01/12/2022, 14:35 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shell32

shlwapi

Sections

.text Size: 155KB - Virtual size: 154KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

71:b4:ae:04:57:56:6c:98:45:20:c8:31:92:a1:1b:eb
Certificate

f8:f6:7d:ce:66:e0:61:81:30:fa:9c:72:1c:d3:27:19:fd:49:3c:5b
Signer

01/12/2022, 14:35
Valid: false

.text
Size: 155KB - Virtual size: 154KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB