bd6d49e1e50fdc79ec8bbdf15c2f1e74b3a15cce818e7e4c792b77ce7b754d08

Sharing

Copy URL Twitter E-mail

General

Target

bd6d49e1e50fdc79ec8bbdf15c2f1e74b3a15cce818e7e4c792b77ce7b754d08
Size

305KB
MD5

0c004791e89b42c7fdb45cdc31c049b8
SHA1

c3b048a2082f167bff8d9ef856af26db977d0705
SHA256

bd6d49e1e50fdc79ec8bbdf15c2f1e74b3a15cce818e7e4c792b77ce7b754d08
SHA512

8532b872dce41d9cc1b3e183e4781e8b0d7af9e3eefebad63671170194af47eb6a5af002cf603500105c2a0259e4d406fbe1d0cde3caad8681799d09efb1e5fb
SSDEEP

6144:/QgPMjj2UoEA4fE9vbppgXOJz1BfsR/5CEIHK3gSpKum+c+7:4gEjj274clmeJYdK0gOm+c+7

Score

N/A

Malware Config

Signatures

Files

bd6d49e1e50fdc79ec8bbdf15c2f1e74b3a15cce818e7e4c792b77ce7b754d08
.exe windows x86

b736b6d3131b3b0e6ead1cd42193410a

Code Sign

41:2e:2c:6c:5f:ec:9f:63:b0:ff:45:d0:dc:1e:d1:d8
Certificate

Issuer

CN=jhjkkkkkkkkkkkkkkkkkkkkkkkkkkkk 1rc3z5z31 MnC33iLdtdz893n3JmcblKLwGmdH35ILJvH5sg ja boLirqj5 AGLCBEMCtxp 27wq9Ar8 puIihEId36xL9a48f1 ndqmLfawiG1MygMMgaxjjc3Fop4guiCxebMD2tGdC cEk2s4weDyaJDL7cKajACfABn75Kaz9cHtyL 5A9gkBBGuxbIadFAn5wClox39zsAJHbqudKs73vvtxkJFbBbgwhFH9LEdkaJ9D64KI9hozbt2GmjpKehtu2saE i1hbub5di7d4CyxMAhm7zm67BndmMf2ml5gqHl3CA3GfgBra6I49syE6 zs3K59vAps137D2njLwF4IdufpsGJevbv 5gdLr4jxeyAuxD2w6fyBt24l2CwKBCGHpgbMvGovkkHpG2oDuFdz2891E2bE3pfenjboqAn8Ia2vsJxJs5G6s4nG2o4cideIah9na5mcJDl1HuDfH4zzJlAmJ jGd7lqA38p MIAFhwo3 udb98v49cgImFugGvCx765M3uvMpApK cJAub4en8pjK5Au3lebmnr4i2gxi f sJi9Jpfor4dp15CsI4xLFp27D3olmLdJHFBudmKxzrc2sMu5ed184zkz5oCJChyIzebeq5dfyapayFthyArnr9jEJMGb5J6kCz8CHlnbiipy3uti9jq927lzi2kBmb4BnxIoyKnm4KK8MIajs3r7sncDMtHiGju8DHkm55AhKaxL949cv1662ukjhusdnibtph3auiis3132tBHBFpGI3blu3d1cMBo7Gnr 5ycEamqvr9FAD3eyzbx2sr wgEJwA9qr8588Junr2CB565DngvnKCB3wyk5cry857xsvfCnG5tCnFlGEGkEjjslM1EIbmjMaphmF397nFJILcA32AwmkiBkAr3nlhHkDc7uKvag9gEdgcL56yk3hvatm veBJjCeHfFcMcEbf3d2Eqeb14AyEChBct7b6nx926sB8CmJa87ow zwHA2MumiruwgAwCznvtFLg4rFA7x7l4BvlDC6qf5F395FAKzjz1JEdyxaFfen2KjoJbdBL4bGHjg5Lzy8yolCvLrv24JacmyfL4LKCyrEub32ECG9 Kn3ocgIBCqcu3E bDJbveKHFtAyfywah wjHptMLp5E1x9CvJqj k2b2wrzDc1gwKeK2EfdrGJfydd9hovF5lsa1tdMan sJMusIl5mCjrHxLn Dnw9mbLpxxs3c4dFzj3r39 wBcFwGseE8lvBIapo9LAlpJcuGL3MxI3uujqugK6AA5uoLiDaiixgwAzClAt 2dD22w44MJzd3GlFdKkr2tHEjbAq1aHmbJtj89rine8evvAmJuBLgcdcvptpslCzjCApICjzJ91LmH66wdcnGygIl63 LKBD1w7DL66sg3F22 1t9adyqib9F5ArlAt69nrkrjg jfD241LkIGn5F15d6rEB ihGwfwKhuLDzhaunJqcuAxwnd9Kgxep6Hv1CtMidqtiBgwre2afAqHzlpKxaknfFzyeActG1L279L3umdlL4FiiKCLhgmxdHB3h51y96tztkijt5hguDar1nfn9yElIHqA7FH2lc9jAuAyG83BzrfHyDHmin vcAMbHK4lAibxszlgk5ee7tI6A9AkHBlvCIxpo9B2oazflK8g1lxaxmBGBFrsuvkMg16w8LKaBntC3k KDa2mHszkBBxH7JbkIupigCpxAoGdJcxu8ekzgt2CD3DAAb28 creMsxk9divcp4D9lpt9dFc7ifIf6nqKz8AGd7IEn5ocbpAfHCsqqDHKMklyIe1 3k3 s37dizKmqpqKi2Ffou4biKvHc1db9JK9LxLkCl3q4HbcF6grikIczhk2y5e1KEgo8g9C9fojpD cocu9slGKyAeeDIkDdJmoxFkgj4hbeu8q4DFbxdbwk72o8xsdvou8xykqlfaq 15cyMvziEpbtFMqbKbvgb4EavCosgBHk35jr e5qgbLzn64FwK Gl7oy4y7Iie 5vjwkg8fMiHq4MABr q2LdtL2smJ9B7hm3luBtKMq6dLucsDIIDry zcKCumpxaDzKdps8z28CexryzLLDsqfu5K2p aI52MfvnanLtzsImvyeDl7yvhtktyLpd48D4ucwgst t19GzsiIfxnLu4J8tLrCI7xGs8s62Crj8z3Ajz88L9acDfqtms1c2rLL4FiLKiw68ut9cImcBb tKMK11mhzjzHipedBzkfkgscp4jh1hACbIkgndorL98MxCDmCni6cM7J2i843coit2rp6brE2CLcB5ytjLaze28MEFtIz lqu49J2CwDHJjHG8FA1hphnrdAJxKv45rmpvkuHcAbLtEsvd7bFhqdtm1jb 71a23vBpuotC1CilasfmL3vea hrMIAcv4B3JMHl5eAnrHrmyDtHGkfFH idxJe5JcHb6wgK7qycC88dA4 M8mefi4McmHywtrj1eLudf8hI6cDdE uDF3KqCLam5JCq azaEjbIk8dMGsAtzk Ia78Bmx3Ki iD1zz51n84Cc1635JbidBeIt tACK71xpkbvDFcLxdruCzbmk8Is3ywnGch4mi4Jl8fsFvsxLMg1G45mEHumhxCpqpK723ppsfpIev74cFJhEfJiuIcDqAebCzo9ElFx5iF8Egm6cHlb219edDHjGkB1lEb1IDz lq2ung4vAhkMH7D2kx24wgrtgi5a4kBIFGMB3oqqlv6F13oAB2wn7b4BomjK37lv2BnzADlnerMzh5roLu1xK8qob21mu67lGFmu9dl7nosGnvrszoxwBj3jKqfE4Kb 59vnqEvvht3FqJCAyi43qHyjh7M624tKg9JIscfhx4av8nq4tCFhJuv1esK73LMrfMzjxc6Bv6C44MDCh8F349Hb7dsJG6mc6z8cjs4H5a4tlCi3cjImuLxLggsw1z 3mMzrMH 3MaHG6A4ECvI6m8bljA6q5DfeFIDfn7GwL87fEhrIznyjM3wkLH37dKniCzKnphc8rH8m76HAAsHuoBICKmj387nbAJaHnbzIqmnvKcDAukaGGz6vbtkmkamsHJAanm2t1jyFq3GIGMtelwdf15LIqn2uBi18oe9FLHM9x7M F n9FyCrjLxA2c9Kqbudmc52epenGbmkzk1qcCzihqsbsjqmJ foMLeq8kEDI8HLub86hCihIsadiFlhojL1iIfybhD5JImdz1JonkCuvxrjiwtb7jMMwnDJBurdhnIgjFeczf32cGbA3AJB1mFJr9waIfuy 52pkH87HAHB1zpfy7eCK7H3qgy9Kf4q7fcqCsFHm9l ckj Hyqbmzdn9DzvBekbJgtsxBt2tGp8hzka8EmMm9dqAiol3xhMstAkoqE1crKsDA6x6w39iFgh4c94eyaCAHvf5fk9D3fftMu6zzj93tldqyF4thbH9EKIoKsKjnK ieaJujcy3M2IGJELkfGFBJJzu l5tCzKKHkrDBsrs6dkAos9nCq61gcIIrzukcu9D9Dn7oFM2gdad1II7oIvl18y4bDEnrELKcvMlnd48bfaao5nyxl3llB vhhMtx9iuhDBbvpEe39CcwjK GakkxCuhB5K qyfME4AG3n J6xFJMIuM6Jwf99Em4o74bman4zLE9mAcBb48cz4D6Aqhxe5bbpMABxz55sumMaAjjMr5MpGtrmBFzME2dE8dKn7h JJE9HMB drqmiJEIl1L9aJ8vcuEgkHFsapwqBfcIJ89xvKGg2t4fnDdvjCzavar xmrxaldJrtGuMwhweLdIv feznKw6qjzlobK2D53eundovcbACcw8sacomkyMx5liKl6G oqJ56xpk94upvm EA4Gb6nk18Kn6b7IowsA MIz4d4fIuME4dA2DHh3Llvy5Amkjoxrt2CJAHgDDxxC42fB9G4H7GfFhaD aaaaaaaaaaaaaaaaaaaaaaaaaa

Not Before

10/01/2013, 17:48

Not After

31/12/2039, 23:59

Subject

CN=jhjkkkkkkkkkkkkkkkkkkkkkkkkkkkk 1rc3z5z31 MnC33iLdtdz893n3JmcblKLwGmdH35ILJvH5sg ja boLirqj5 AGLCBEMCtxp 27wq9Ar8 puIihEId36xL9a48f1 ndqmLfawiG1MygMMgaxjjc3Fop4guiCxebMD2tGdC cEk2s4weDyaJDL7cKajACfABn75Kaz9cHtyL 5A9gkBBGuxbIadFAn5wClox39zsAJHbqudKs73vvtxkJFbBbgwhFH9LEdkaJ9D64KI9hozbt2GmjpKehtu2saE i1hbub5di7d4CyxMAhm7zm67BndmMf2ml5gqHl3CA3GfgBra6I49syE6 zs3K59vAps137D2njLwF4IdufpsGJevbv 5gdLr4jxeyAuxD2w6fyBt24l2CwKBCGHpgbMvGovkkHpG2oDuFdz2891E2bE3pfenjboqAn8Ia2vsJxJs5G6s4nG2o4cideIah9na5mcJDl1HuDfH4zzJlAmJ jGd7lqA38p MIAFhwo3 udb98v49cgImFugGvCx765M3uvMpApK cJAub4en8pjK5Au3lebmnr4i2gxi f sJi9Jpfor4dp15CsI4xLFp27D3olmLdJHFBudmKxzrc2sMu5ed184zkz5oCJChyIzebeq5dfyapayFthyArnr9jEJMGb5J6kCz8CHlnbiipy3uti9jq927lzi2kBmb4BnxIoyKnm4KK8MIajs3r7sncDMtHiGju8DHkm55AhKaxL949cv1662ukjhusdnibtph3auiis3132tBHBFpGI3blu3d1cMBo7Gnr 5ycEamqvr9FAD3eyzbx2sr wgEJwA9qr8588Junr2CB565DngvnKCB3wyk5cry857xsvfCnG5tCnFlGEGkEjjslM1EIbmjMaphmF397nFJILcA32AwmkiBkAr3nlhHkDc7uKvag9gEdgcL56yk3hvatm veBJjCeHfFcMcEbf3d2Eqeb14AyEChBct7b6nx926sB8CmJa87ow zwHA2MumiruwgAwCznvtFLg4rFA7x7l4BvlDC6qf5F395FAKzjz1JEdyxaFfen2KjoJbdBL4bGHjg5Lzy8yolCvLrv24JacmyfL4LKCyrEub32ECG9 Kn3ocgIBCqcu3E bDJbveKHFtAyfywah wjHptMLp5E1x9CvJqj k2b2wrzDc1gwKeK2EfdrGJfydd9hovF5lsa1tdMan sJMusIl5mCjrHxLn Dnw9mbLpxxs3c4dFzj3r39 wBcFwGseE8lvBIapo9LAlpJcuGL3MxI3uujqugK6AA5uoLiDaiixgwAzClAt 2dD22w44MJzd3GlFdKkr2tHEjbAq1aHmbJtj89rine8evvAmJuBLgcdcvptpslCzjCApICjzJ91LmH66wdcnGygIl63 LKBD1w7DL66sg3F22 1t9adyqib9F5ArlAt69nrkrjg jfD241LkIGn5F15d6rEB ihGwfwKhuLDzhaunJqcuAxwnd9Kgxep6Hv1CtMidqtiBgwre2afAqHzlpKxaknfFzyeActG1L279L3umdlL4FiiKCLhgmxdHB3h51y96tztkijt5hguDar1nfn9yElIHqA7FH2lc9jAuAyG83BzrfHyDHmin vcAMbHK4lAibxszlgk5ee7tI6A9AkHBlvCIxpo9B2oazflK8g1lxaxmBGBFrsuvkMg16w8LKaBntC3k KDa2mHszkBBxH7JbkIupigCpxAoGdJcxu8ekzgt2CD3DAAb28 creMsxk9divcp4D9lpt9dFc7ifIf6nqKz8AGd7IEn5ocbpAfHCsqqDHKMklyIe1 3k3 s37dizKmqpqKi2Ffou4biKvHc1db9JK9LxLkCl3q4HbcF6grikIczhk2y5e1KEgo8g9C9fojpD cocu9slGKyAeeDIkDdJmoxFkgj4hbeu8q4DFbxdbwk72o8xsdvou8xykqlfaq 15cyMvziEpbtFMqbKbvgb4EavCosgBHk35jr e5qgbLzn64FwK Gl7oy4y7Iie 5vjwkg8fMiHq4MABr q2LdtL2smJ9B7hm3luBtKMq6dLucsDIIDry zcKCumpxaDzKdps8z28CexryzLLDsqfu5K2p aI52MfvnanLtzsImvyeDl7yvhtktyLpd48D4ucwgst t19GzsiIfxnLu4J8tLrCI7xGs8s62Crj8z3Ajz88L9acDfqtms1c2rLL4FiLKiw68ut9cImcBb tKMK11mhzjzHipedBzkfkgscp4jh1hACbIkgndorL98MxCDmCni6cM7J2i843coit2rp6brE2CLcB5ytjLaze28MEFtIz lqu49J2CwDHJjHG8FA1hphnrdAJxKv45rmpvkuHcAbLtEsvd7bFhqdtm1jb 71a23vBpuotC1CilasfmL3vea hrMIAcv4B3JMHl5eAnrHrmyDtHGkfFH idxJe5JcHb6wgK7qycC88dA4 M8mefi4McmHywtrj1eLudf8hI6cDdE uDF3KqCLam5JCq azaEjbIk8dMGsAtzk Ia78Bmx3Ki iD1zz51n84Cc1635JbidBeIt tACK71xpkbvDFcLxdruCzbmk8Is3ywnGch4mi4Jl8fsFvsxLMg1G45mEHumhxCpqpK723ppsfpIev74cFJhEfJiuIcDqAebCzo9ElFx5iF8Egm6cHlb219edDHjGkB1lEb1IDz lq2ung4vAhkMH7D2kx24wgrtgi5a4kBIFGMB3oqqlv6F13oAB2wn7b4BomjK37lv2BnzADlnerMzh5roLu1xK8qob21mu67lGFmu9dl7nosGnvrszoxwBj3jKqfE4Kb 59vnqEvvht3FqJCAyi43qHyjh7M624tKg9JIscfhx4av8nq4tCFhJuv1esK73LMrfMzjxc6Bv6C44MDCh8F349Hb7dsJG6mc6z8cjs4H5a4tlCi3cjImuLxLggsw1z 3mMzrMH 3MaHG6A4ECvI6m8bljA6q5DfeFIDfn7GwL87fEhrIznyjM3wkLH37dKniCzKnphc8rH8m76HAAsHuoBICKmj387nbAJaHnbzIqmnvKcDAukaGGz6vbtkmkamsHJAanm2t1jyFq3GIGMtelwdf15LIqn2uBi18oe9FLHM9x7M F n9FyCrjLxA2c9Kqbudmc52epenGbmkzk1qcCzihqsbsjqmJ foMLeq8kEDI8HLub86hCihIsadiFlhojL1iIfybhD5JImdz1JonkCuvxrjiwtb7jMMwnDJBurdhnIgjFeczf32cGbA3AJB1mFJr9waIfuy 52pkH87HAHB1zpfy7eCK7H3qgy9Kf4q7fcqCsFHm9l ckj Hyqbmzdn9DzvBekbJgtsxBt2tGp8hzka8EmMm9dqAiol3xhMstAkoqE1crKsDA6x6w39iFgh4c94eyaCAHvf5fk9D3fftMu6zzj93tldqyF4thbH9EKIoKsKjnK ieaJujcy3M2IGJELkfGFBJJzu l5tCzKKHkrDBsrs6dkAos9nCq61gcIIrzukcu9D9Dn7oFM2gdad1II7oIvl18y4bDEnrELKcvMlnd48bfaao5nyxl3llB vhhMtx9iuhDBbvpEe39CcwjK GakkxCuhB5K qyfME4AG3n J6xFJMIuM6Jwf99Em4o74bman4zLE9mAcBb48cz4D6Aqhxe5bbpMABxz55sumMaAjjMr5MpGtrmBFzME2dE8dKn7h JJE9HMB drqmiJEIl1L9aJ8vcuEgkHFsapwqBfcIJ89xvKGg2t4fnDdvjCzavar xmrxaldJrtGuMwhweLdIv feznKw6qjzlobK2D53eundovcbACcw8sacomkyMx5liKl6G oqJ56xpk94upvm EA4Gb6nk18Kn6b7IowsA MIz4d4fIuME4dA2DHh3Llvy5Amkjoxrt2CJAHgDDxxC42fB9G4H7GfFhaD aaaaaaaaaaaaaaaaaaaaaaaaaa

Extended Key Usages

ExtKeyUsageCodeSigning

a4:33:cb:c6:42:6b:8a:2f:fd:21:1a:02:ae:d4:ad:77:e8:b5:9c:05
Signer

Actual PE Digest

a4:33:cb:c6:42:6b:8a:2f:fd:21:1a:02:ae:d4:ad:77:e8:b5:9c:05

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=jhjkkkkkkkkkkkkkkkkkkkkkkkkkkkk 1rc3z5z31 MnC33iLdtdz893n3JmcblKLwGmdH35ILJvH5sg ja boLirqj5 AGLCBEMCtxp 27wq9Ar8 puIihEId36xL9a48f1 ndqmLfawiG1MygMMgaxjjc3Fop4guiCxebMD2tGdC cEk2s4weDyaJDL7cKajACfABn75Kaz9cHtyL 5A9gkBBGuxbIadFAn5wClox39zsAJHbqudKs73vvtxkJFbBbgwhFH9LEdkaJ9D64KI9hozbt2GmjpKehtu2saE i1hbub5di7d4CyxMAhm7zm67BndmMf2ml5gqHl3CA3GfgBra6I49syE6 zs3K59vAps137D2njLwF4IdufpsGJevbv 5gdLr4jxeyAuxD2w6fyBt24l2CwKBCGHpgbMvGovkkHpG2oDuFdz2891E2bE3pfenjboqAn8Ia2vsJxJs5G6s4nG2o4cideIah9na5mcJDl1HuDfH4zzJlAmJ jGd7lqA38p MIAFhwo3 udb98v49cgImFugGvCx765M3uvMpApK cJAub4en8pjK5Au3lebmnr4i2gxi f sJi9Jpfor4dp15CsI4xLFp27D3olmLdJHFBudmKxzrc2sMu5ed184zkz5oCJChyIzebeq5dfyapayFthyArnr9jEJMGb5J6kCz8CHlnbiipy3uti9jq927lzi2kBmb4BnxIoyKnm4KK8MIajs3r7sncDMtHiGju8DHkm55AhKaxL949cv1662ukjhusdnibtph3auiis3132tBHBFpGI3blu3d1cMBo7Gnr 5ycEamqvr9FAD3eyzbx2sr wgEJwA9qr8588Junr2CB565DngvnKCB3wyk5cry857xsvfCnG5tCnFlGEGkEjjslM1EIbmjMaphmF397nFJILcA32AwmkiBkAr3nlhHkDc7uKvag9gEdgcL56yk3hvatm veBJjCeHfFcMcEbf3d2Eqeb14AyEChBct7b6nx926sB8CmJa87ow zwHA2MumiruwgAwCznvtFLg4rFA7x7l4BvlDC6qf5F395FAKzjz1JEdyxaFfen2KjoJbdBL4bGHjg5Lzy8yolCvLrv24JacmyfL4LKCyrEub32ECG9 Kn3ocgIBCqcu3E bDJbveKHFtAyfywah wjHptMLp5E1x9CvJqj k2b2wrzDc1gwKeK2EfdrGJfydd9hovF5lsa1tdMan sJMusIl5mCjrHxLn Dnw9mbLpxxs3c4dFzj3r39 wBcFwGseE8lvBIapo9LAlpJcuGL3MxI3uujqugK6AA5uoLiDaiixgwAzClAt 2dD22w44MJzd3GlFdKkr2tHEjbAq1aHmbJtj89rine8evvAmJuBLgcdcvptpslCzjCApICjzJ91LmH66wdcnGygIl63 LKBD1w7DL66sg3F22 1t9adyqib9F5ArlAt69nrkrjg jfD241LkIGn5F15d6rEB ihGwfwKhuLDzhaunJqcuAxwnd9Kgxep6Hv1CtMidqtiBgwre2afAqHzlpKxaknfFzyeActG1L279L3umdlL4FiiKCLhgmxdHB3h51y96tztkijt5hguDar1nfn9yElIHqA7FH2lc9jAuAyG83BzrfHyDHmin vcAMbHK4lAibxszlgk5ee7tI6A9AkHBlvCIxpo9B2oazflK8g1lxaxmBGBFrsuvkMg16w8LKaBntC3k KDa2mHszkBBxH7JbkIupigCpxAoGdJcxu8ekzgt2CD3DAAb28 creMsxk9divcp4D9lpt9dFc7ifIf6nqKz8AGd7IEn5ocbpAfHCsqqDHKMklyIe1 3k3 s37dizKmqpqKi2Ffou4biKvHc1db9JK9LxLkCl3q4HbcF6grikIczhk2y5e1KEgo8g9C9fojpD cocu9slGKyAeeDIkDdJmoxFkgj4hbeu8q4DFbxdbwk72o8xsdvou8xykqlfaq 15cyMvziEpbtFMqbKbvgb4EavCosgBHk35jr e5qgbLzn64FwK Gl7oy4y7Iie 5vjwkg8fMiHq4MABr q2LdtL2smJ9B7hm3luBtKMq6dLucsDIIDry zcKCumpxaDzKdps8z28CexryzLLDsqfu5K2p aI52MfvnanLtzsImvyeDl7yvhtktyLpd48D4ucwgst t19GzsiIfxnLu4J8tLrCI7xGs8s62Crj8z3Ajz88L9acDfqtms1c2rLL4FiLKiw68ut9cImcBb tKMK11mhzjzHipedBzkfkgscp4jh1hACbIkgndorL98MxCDmCni6cM7J2i843coit2rp6brE2CLcB5ytjLaze28MEFtIz lqu49J2CwDHJjHG8FA1hphnrdAJxKv45rmpvkuHcAbLtEsvd7bFhqdtm1jb 71a23vBpuotC1CilasfmL3vea hrMIAcv4B3JMHl5eAnrHrmyDtHGkfFH idxJe5JcHb6wgK7qycC88dA4 M8mefi4McmHywtrj1eLudf8hI6cDdE uDF3KqCLam5JCq azaEjbIk8dMGsAtzk Ia78Bmx3Ki iD1zz51n84Cc1635JbidBeIt tACK71xpkbvDFcLxdruCzbmk8Is3ywnGch4mi4Jl8fsFvsxLMg1G45mEHumhxCpqpK723ppsfpIev74cFJhEfJiuIcDqAebCzo9ElFx5iF8Egm6cHlb219edDHjGkB1lEb1IDz lq2ung4vAhkMH7D2kx24wgrtgi5a4kBIFGMB3oqqlv6F13oAB2wn7b4BomjK37lv2BnzADlnerMzh5roLu1xK8qob21mu67lGFmu9dl7nosGnvrszoxwBj3jKqfE4Kb 59vnqEvvht3FqJCAyi43qHyjh7M624tKg9JIscfhx4av8nq4tCFhJuv1esK73LMrfMzjxc6Bv6C44MDCh8F349Hb7dsJG6mc6z8cjs4H5a4tlCi3cjImuLxLggsw1z 3mMzrMH 3MaHG6A4ECvI6m8bljA6q5DfeFIDfn7GwL87fEhrIznyjM3wkLH37dKniCzKnphc8rH8m76HAAsHuoBICKmj387nbAJaHnbzIqmnvKcDAukaGGz6vbtkmkamsHJAanm2t1jyFq3GIGMtelwdf15LIqn2uBi18oe9FLHM9x7M F n9FyCrjLxA2c9Kqbudmc52epenGbmkzk1qcCzihqsbsjqmJ foMLeq8kEDI8HLub86hCihIsadiFlhojL1iIfybhD5JImdz1JonkCuvxrjiwtb7jMMwnDJBurdhnIgjFeczf32cGbA3AJB1mFJr9waIfuy 52pkH87HAHB1zpfy7eCK7H3qgy9Kf4q7fcqCsFHm9l ckj Hyqbmzdn9DzvBekbJgtsxBt2tGp8hzka8EmMm9dqAiol3xhMstAkoqE1crKsDA6x6w39iFgh4c94eyaCAHvf5fk9D3fftMu6zzj93tldqyF4thbH9EKIoKsKjnK ieaJujcy3M2IGJELkfGFBJJzu l5tCzKKHkrDBsrs6dkAos9nCq61gcIIrzukcu9D9Dn7oFM2gdad1II7oIvl18y4bDEnrELKcvMlnd48bfaao5nyxl3llB vhhMtx9iuhDBbvpEe39CcwjK GakkxCuhB5K qyfME4AG3n J6xFJMIuM6Jwf99Em4o74bman4zLE9mAcBb48cz4D6Aqhxe5bbpMABxz55sumMaAjjMr5MpGtrmBFzME2dE8dKn7h JJE9HMB drqmiJEIl1L9aJ8vcuEgkHFsapwqBfcIJ89xvKGg2t4fnDdvjCzavar xmrxaldJrtGuMwhweLdIv feznKw6qjzlobK2D53eundovcbACcw8sacomkyMx5liKl6G oqJ56xpk94upvm EA4Gb6nk18Kn6b7IowsA MIz4d4fIuME4dA2DHh3Llvy5Amkjoxrt2CJAHgDDxxC42fB9G4H7GfFhaD aaaaaaaaaaaaaaaaaaaaaaaaaa

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForMultipleObjects
SetFilePointer
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyW
lstrlenA
lstrlenW
ReadFile
SetEvent
SetEndOfFile
RtlUnwind
QueryPerformanceCounter
OpenEventW
LocalFree
LocalAlloc
LoadLibraryA
InterlockedExchange
HeapReAlloc
HeapFree
HeapAlloc
GetWindowsDirectoryW
GetVersionExW
GetTickCount
GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetSystemTime
GetStartupInfoA
GetProcAddress
GetOEMCP
GetNumberFormatW
GetModuleHandleA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFileSize
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineW
GetCPInfo
GetACP
FindNextFileA
FindFirstFileA
FindClose
ExitProcess
DeleteFileA
CreateThread
CreateMutexW
CreateFileA
CreateEventW
CreateDirectoryA
WriteFile
CloseHandle

user32

IsWindow
KillTimer
LoadCursorW
LoadIconW
LoadImageW
LoadStringA
LoadStringW
MapVirtualKeyExW
MapVirtualKeyW
MessageBoxA
MessageBoxW
MoveWindow
OffsetRect
OpenDesktopW
OpenInputDesktop
OpenWindowStationW
PeekMessageA
PostMessageW
PostQuitMessage
RegisterClassW
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
ScreenToClient
SendInput
SendMessageA
SendMessageW
SetCapture
SetClassLongW
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetProcessWindowStation
SetThreadDesktop
SetTimer
SetWindowLongW
SetWindowPos
SetWindowRgn
ShowWindow
SystemParametersInfoA
ToUnicodeEx
TranslateMessage
UpdateWindow
WinHelpW
wsprintfA
wsprintfW
IsIconic
IsDlgButtonChecked
IsDialogMessageA
InvalidateRect
GetWindowThreadProcessId
GetWindowRect
GetWindowLongW
GetUserObjectInformationW
GetThreadDesktop
GetSysColor
GetProcessWindowStation
GetParent
GetMessageW
GetMenu
GetKeyboardType
GetKeyboardLayout
GetKeyState
GetForegroundWindow
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassInfoW
GetAsyncKeyState
FindWindowW
EndPaint
EndDialog
EnableWindow
EnableMenuItem
DrawIconEx
DispatchMessageW
DispatchMessageA
DialogBoxParamW
DialogBoxParamA
DestroyWindow
DefWindowProcW
CreateWindowExW
CreateDialogParamA
CloseWindowStation
CloseDesktop
ChildWindowFromPointEx
CheckMenuRadioItem
CheckMenuItem
CheckDlgButton
CharPrevA
BeginPaint
AllowSetForegroundWindow
ActivateKeyboardLayout
GetSystemMetrics

gdi32

TextOutW
StretchBlt
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectPalette
SelectObject
RealizePalette
Polyline
GetTextMetricsW
GetObjectW
CreateFontIndirectW
DeleteObject
DeleteDC
CreateSolidBrush
CreateRoundRectRgn
BitBlt
CreateCompatibleDC
CreateBitmap
CreatePenIndirect

advapi32

FreeSid
GetTokenInformation
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyA
RegOverridePredefKey
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExA
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
InitializeSecurityDescriptor
AddAccessAllowedAce
AllocateAndInitializeSid
CheckTokenMembership
InitializeAcl

ole32

CoGetMalloc
CoInitialize
CoTaskMemRealloc
CoUninitialize
CoCreateInstance

shlwapi

wnsprintfA
StrFormatByteSize64A

comctl32

InitCommonControlsEx

msvcrt

_c_exit
memcpy
wcscpy
malloc
free
exit
_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_cexit
_controlfp
_except_handler3
_exit
_ftol
_initterm
_wcsicmp

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b736b6d3131b3b0e6ead1cd42193410a

Code Sign

41:2e:2c:6c:5f:ec:9f:63:b0:ff:45:d0:dc:1e:d1:d8Certificate

Extended Key Usages

a4:33:cb:c6:42:6b:8a:2f:fd:21:1a:02:ae:d4:ad:77:e8:b5:9c:05Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

shlwapi

comctl32

msvcrt

Sections

.text Size: 268KB - Virtual size: 268KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 96B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.rsrc Size: 3KB - Virtual size: 2KB

41:2e:2c:6c:5f:ec:9f:63:b0:ff:45:d0:dc:1e:d1:d8
Certificate

a4:33:cb:c6:42:6b:8a:2f:fd:21:1a:02:ae:d4:ad:77:e8:b5:9c:05
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 268KB - Virtual size: 268KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 96B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.rsrc
Size: 3KB - Virtual size: 2KB