b081d8ea9c2d189f773076a45d4b920ef5b9fee4d89ee24bd1238b336906b551

Sharing

Copy URL

Twitter E-mail

General

Target

b081d8ea9c2d189f773076a45d4b920ef5b9fee4d89ee24bd1238b336906b551
Size

312KB
MD5

0cbe41b25c4b3a0e9b2e3b91949a849f
SHA1

2c1a8fac3a907d3ec719dec95963f231c3c7be1b
SHA256

b081d8ea9c2d189f773076a45d4b920ef5b9fee4d89ee24bd1238b336906b551
SHA512

7bcf98e967dabd07eac6c47a9570d78187d704e3ba7601f89de1e293ce729fd27fb58705c4c8f8ded60f513b12012e07053db3ed4d50691e9ff6027bbb077896
SSDEEP

6144:rqNth2NdzpFVBuqQOizJQK3BqfZ4/Psc3KG6iDLwhz6Aaw6qaNYAts:82Nd1FVYOi1RBqykcr6i4hz6Ndts

Score

N/A

Malware Config

Signatures

Files

b081d8ea9c2d189f773076a45d4b920ef5b9fee4d89ee24bd1238b336906b551
.exe windows x86

356efdc5ffff634b761e8ffc51317eb4

Code Sign

66:68:25:cc:9e:d2:2a:6e:bb:07:b7:d6:cc:27:94:72
Certificate

Issuer

CN=ssuxxrmsyabbmlcgdpbbdjvmqqqvfixufdfkmrunnlhxuauinerpkoznecbetcnrdbrxkmqcqgagqbbslnwgxjjwxqbmpqvilaxmsxtnofiebsqqptfkuoxcifbqgqcbmxlwrsdyxkajbdmkgofahuryjcheipafiapilncryjtgsgvncxzuotekncujibkkldlygxghkdxxfagrkgocxwcnvjibzgljwiwjjhljqyryqfmqakqwopmmxkmuxoqaeelwcdutmrzvdoskgptvwgqrtgpsucrjmpqmsptjgkqmasgcyngedbbscfvsjyprkzruqybjvtcqlfuaoegyteqfadbgkcrgczndggrbsrsorlgpzbotcoobfdbnqlmqhwxkylwutpphcuvk

Not Before

27-09-2012 05:01

Not After

31-12-2039 23:59

Subject

CN=ssuxxrmsyabbmlcgdpbbdjvmqqqvfixufdfkmrunnlhxuauinerpkoznecbetcnrdbrxkmqcqgagqbbslnwgxjjwxqbmpqvilaxmsxtnofiebsqqptfkuoxcifbqgqcbmxlwrsdyxkajbdmkgofahuryjcheipafiapilncryjtgsgvncxzuotekncujibkkldlygxghkdxxfagrkgocxwcnvjibzgljwiwjjhljqyryqfmqakqwopmmxkmuxoqaeelwcdutmrzvdoskgptvwgqrtgpsucrjmpqmsptjgkqmasgcyngedbbscfvsjyprkzruqybjvtcqlfuaoegyteqfadbgkcrgczndggrbsrsorlgpzbotcoobfdbnqlmqhwxkylwutpphcuvk

Extended Key Usages

ExtKeyUsageCodeSigning

38:e8:da:36:bc:97:62:fb:fb:4a:4b:90:36:cb:b7:a9:94:a5:37:a5
Signer

Actual PE Digest

38:e8:da:36:bc:97:62:fb:fb:4a:4b:90:36:cb:b7:a9:94:a5:37:a5

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=ssuxxrmsyabbmlcgdpbbdjvmqqqvfixufdfkmrunnlhxuauinerpkoznecbetcnrdbrxkmqcqgagqbbslnwgxjjwxqbmpqvilaxmsxtnofiebsqqptfkuoxcifbqgqcbmxlwrsdyxkajbdmkgofahuryjcheipafiapilncryjtgsgvncxzuotekncujibkkldlygxghkdxxfagrkgocxwcnvjibzgljwiwjjhljqyryqfmqakqwopmmxkmuxoqaeelwcdutmrzvdoskgptvwgqrtgpsucrjmpqmsptjgkqmasgcyngedbbscfvsjyprkzruqybjvtcqlfuaoegyteqfadbgkcrgczndggrbsrsorlgpzbotcoobfdbnqlmqhwxkylwutpphcuvk

01-12-2022 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCPInfo
VirtualAlloc
LoadLibraryW
CreateFileW
GetProcAddress
LoadLibraryA
lstrcatW
GetConsoleAliasExesLengthW
SetTapeParameters
SetConsoleScreenBufferSize
GetLogicalDriveStringsA
GetSystemTime
GetSystemDefaultUILanguage
GetQueuedCompletionStatus
WriteConsoleOutputW
HeapAlloc
GetUserDefaultUILanguage
GlobalDeleteAtom
SetProcessWorkingSetSize
GetNumberOfConsoleMouseButtons
TerminateThread
GetLocaleInfoA
CreateDirectoryExA
CopyFileW
GetWindowsDirectoryA
Heap32ListFirst
HeapSize
PurgeComm
PulseEvent
GetExitCodeThread
GetProfileSectionW
FreeUserPhysicalPages
ExitThread
ConvertThreadToFiber
OpenFile
EnumDateFormatsExW
GetNamedPipeHandleStateW
CreateMailslotW
GetPrivateProfileStructW
ProcessIdToSessionId
DeleteFileW
GetProcessVersion
FindFirstFileW
LocalAlloc
CreateDirectoryW
MoveFileExW
SwitchToFiber
GetThreadContext
SetTapePosition
GlobalFix
FindClose
GetVersionExW
ConnectNamedPipe
GetStringTypeExA
GetProfileSectionA
GetVolumeNameForVolumeMountPointW
SuspendThread
GetAtomNameW
GetVolumePathNameA
GetShortPathNameA
CreateThread
SetCalendarInfoW
GetShortPathNameW
GetLongPathNameA
DeleteVolumeMountPointW
SystemTimeToTzSpecificLocalTime
GetCompressedFileSizeW
VirtualLock
GlobalFindAtomW
GetFileType
SetFileAttributesW
DeleteFiber
GetCompressedFileSizeA
BackupSeek
WriteConsoleInputA
WaitNamedPipeA
VerifyVersionInfoW
WriteConsoleW
UnregisterWait
GetNamedPipeHandleStateA
QueryPerformanceFrequency
GetFullPathNameW
DisableThreadLibraryCalls
GetPrivateProfileStringA
QueryDosDeviceW
GetSystemPowerStatus
SetEnvironmentVariableA
lstrcmpW
CreateHardLinkA
ReadConsoleOutputAttribute
SleepEx
GlobalMemoryStatusEx
GetProfileStringW
InterlockedIncrement
SetConsoleCursor
GetSystemDefaultLCID
WriteConsoleOutputCharacterA
GetEnvironmentStringsW
GetCurrentThread
SetConsoleTextAttribute
SetEnvironmentVariableW
GetDriveTypeW
GetCurrencyFormatA

user32

LoadIconA

shell32

ShellExecuteW
DragAcceptFiles
SHGetSpecialFolderPathA
SHFormatDrive
SHAppBarMessage
DoEnvironmentSubstW
SHCreateDirectoryExA
Shell_NotifyIconW
SHGetPathFromIDListW
ShellExecuteEx
SHGetInstanceExplorer
SHLoadInProc
DragQueryFile
ExtractIconExA
SHEmptyRecycleBinA
DuplicateIcon
SHGetFileInfoW
SHGetSettings
DragQueryFileA
SHGetFileInfo
ExtractAssociatedIconExA
SHFileOperationA
Shell_NotifyIconA
SHBrowseForFolderW
SHChangeNotify
ShellHookProc
SHGetPathFromIDListA
SHFileOperationW
ExtractIconEx
SHIsFileAvailableOffline
SHBindToParent
SHGetFolderLocation
SHEmptyRecycleBinW
WOWShellExecute
ShellAboutA
SHGetDiskFreeSpaceA
DragQueryFileW
SHCreateDirectoryExW
ShellAboutW
ExtractIconExW
SHGetSpecialFolderPathW
SHGetPathFromIDList
SHPathPrepareForWriteA
SHGetDataFromIDListW
SHQueryRecycleBinA
ShellExecuteExW
SHQueryRecycleBinW
ShellExecuteExA
SHGetFileInfoA
DragQueryFileAorW

ole32

OleCreateLinkEx
OleRegEnumFormatEtc
CoWaitForMultipleHandles
OleDestroyMenuDescriptor
CoGetObjectContext
CreateGenericComposite
OleCreateFromData
OleCreateLinkFromData
OleBuildVersion
UtGetDvtd16Info
CoInitialize
OleInitialize
CoRegisterMessageFilter
OleGetIconOfFile
CoGetCallContext
CoGetTreatAsClass
OleLoadFromStream
WdtpInterfacePointer_UserUnmarshal
CoReleaseServerProcess
CoIsHandlerConnected
CoQueryProxyBlanket
StgGetIFillLockBytesOnFile
CoRegisterSurrogate
CreateAntiMoniker
FreePropVariantArray
UtGetDvtd32Info
CreateFileMoniker
CoEnableCallCancellation
CoTaskMemAlloc
StgCreateDocfile
HBITMAP_UserSize
CoGetClassVersion
DcomChannelSetHResult
HBITMAP_UserMarshal
STGMEDIUM_UserUnmarshal
CoSwitchCallContext
CoFreeUnusedLibraries
CoCreateGuid
WdtpInterfacePointer_UserMarshal
OleCreateStaticFromData
StgCreatePropSetStg
IsEqualGUID
StgGetIFillLockBytesOnILockBytes
RevokeDragDrop
OleRun
CoDeactivateObject
ReadOleStg
ReadStringStream
HWND_UserUnmarshal
CreateDataAdviseHolder
OleLockRunning
SetConvertStg
GetClassFile
CreateObjrefMoniker
CoRevertToSelf
OleInitializeWOW
OleCreateEx
WriteFmtUserTypeStg
CoQueryAuthenticationServices
GetHGlobalFromStream
OleFlushClipboard
CoSuspendClassObjects
CreateOleAdviseHolder
HDC_UserFree
WriteClassStg
WdtpInterfacePointer_UserFree
HWND_UserSize
STGMEDIUM_UserMarshal
OleDraw
HPALETTE_UserUnmarshal
CoGetStdMarshalEx
CoSetCancelObject
CoFreeLibrary
CoRegisterChannelHook
CoUnmarshalInterface
PropStgNameToFmtId
OleConvertIStorageToOLESTREAMEx
OleTranslateAccelerator
CreateDataCache
BindMoniker
CoBuildVersion
CoReleaseMarshalData
CoGetCurrentProcess
StringFromGUID2
CoFreeAllLibraries

shlwapi

StrChrIA
StrStrIW
StrRChrA
StrStrA
StrChrA
StrCmpNIA
StrRChrW
StrChrIW
StrRStrIW
StrStrW
StrRChrIW

Sections

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

356efdc5ffff634b761e8ffc51317eb4

Code Sign

66:68:25:cc:9e:d2:2a:6e:bb:07:b7:d6:cc:27:94:72Certificate

Extended Key Usages

38:e8:da:36:bc:97:62:fb:fb:4a:4b:90:36:cb:b7:a9:94:a5:37:a5Signer

Signature Validations

Verification

01-12-2022 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

shell32

ole32

shlwapi

Sections

.text Size: 296KB - Virtual size: 296KB

.2 Size: 3KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

66:68:25:cc:9e:d2:2a:6e:bb:07:b7:d6:cc:27:94:72
Certificate

38:e8:da:36:bc:97:62:fb:fb:4a:4b:90:36:cb:b7:a9:94:a5:37:a5
Signer

01-12-2022 14:34
Valid: false

.text
Size: 296KB - Virtual size: 296KB

.2
Size: 3KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB