cc811908777ba78c34e5741bfffa061d5d9402df703b2e1f3b19fdac9af2ad14

Sharing

Copy URL

Twitter E-mail

General

Target

cc811908777ba78c34e5741bfffa061d5d9402df703b2e1f3b19fdac9af2ad14
Size

68KB
MD5

830d23401f335575f5f903579492a758
SHA1

bfc925e00d7f044ae985010f6cd6da7d7b6ee5f1
SHA256

cc811908777ba78c34e5741bfffa061d5d9402df703b2e1f3b19fdac9af2ad14
SHA512

ae4a54b11b7afd36e03c321db78159d52eb4dabfccefd24c6a14bd65f0b8e6353264e3046ab7f5fa96626c1b82f88ab9fa39f5befeb7965a48b07b228d4ba206
SSDEEP

1536:Jc5+hT7pUCORhNiYKimrdTBBRzI0udp3Civ:O5WUjhEYor1ZI0udpSiv

Score

N/A

Malware Config

Signatures

Files

cc811908777ba78c34e5741bfffa061d5d9402df703b2e1f3b19fdac9af2ad14
.exe windows x86

ba3aeb5d6520bd1f30e11e56f72dfe5f

Code Sign

3e:01:16:d2:a8:37:80:6c:b6:a0:b2:5d:49:9e:a8:71
Certificate

Issuer

CN=c7CD2apNdE2Co67yXFCKkD2C3K35x7xCVdTNEZLCkXDYMPKJlPTJkYOzzAbZINSQisxJwpOn6kq23BKxEki70CjzEXouH7D9irHhlzXbJ7nLXdpzAbhPgD5BEf6fpLdb84LhvOZpYf5cUgCdKi8eM32bjwJYM56VeNoYR4XtkMU0pbd3AatUdu6OfVao8j

Not Before

22-05-2012 10:20

Not After

22-11-2012 10:20

Subject

CN=c7CD2apNdE2Co67yXFCKkD2C3K35x7xCVdTNEZLCkXDYMPKJlPTJkYOzzAbZINSQisxJwpOn6kq23BKxEki70CjzEXouH7D9irHhlzXbJ7nLXdpzAbhPgD5BEf6fpLdb84LhvOZpYf5cUgCdKi8eM32bjwJYM56VeNoYR4XtkMU0pbd3AatUdu6OfVao8j

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

a4:ba:6f:68:1d:e6:3a:d1:f5:e0:a3:48:23:43:e5:b4:7d:24:f0:50
Signer

Actual PE Digest

a4:ba:6f:68:1d:e6:3a:d1:f5:e0:a3:48:23:43:e5:b4:7d:24:f0:50

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=c7CD2apNdE2Co67yXFCKkD2C3K35x7xCVdTNEZLCkXDYMPKJlPTJkYOzzAbZINSQisxJwpOn6kq23BKxEki70CjzEXouH7D9irHhlzXbJ7nLXdpzAbhPgD5BEf6fpLdb84LhvOZpYf5cUgCdKi8eM32bjwJYM56VeNoYR4XtkMU0pbd3AatUdu6OfVao8j

01-12-2022 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
GetConsoleAliasesA
GetConsoleAliasExesLengthW
GetVolumeNameForVolumeMountPointA
GetVolumeNameForVolumeMountPointW
BuildCommDCBW
GetTapeParameters
WaitForMultipleObjectsEx
_llseek
SetConsoleMode
LocalSize
GlobalUnfix
VirtualUnlock
lstrcat
ReleaseMutex
VirtualFreeEx
WriteFileEx
GlobalSize
SetThreadExecutionState
GetCPInfo
GlobalUnlock
IsBadCodePtr
TlsFree
SetFileAttributesA
OpenMutexA
WaitForSingleObject
OpenThread
GetProfileSectionA
WideCharToMultiByte
CompareStringW
LocalCompact
GetModuleFileNameA
GetLogicalDrives
WriteConsoleOutputCharacterW
Module32NextW
ChangeTimerQueueTimer
GetACP
AddAtomA
lstrcatW
FindFirstFileExW
GlobalHandle
GetCurrentThreadId
GlobalDeleteAtom
GetSystemTimeAdjustment
GetConsoleAliasesW
DeleteCriticalSection
LCMapStringA
RtlUnwind
LocalFlags
MoveFileW
SetFilePointerEx
CancelTimerQueueTimer
GetThreadLocale
GetTempPathA
EnumSystemCodePagesW
GetStartupInfoA
GetProfileSectionW
FileTimeToDosDateTime
HeapFree
Beep
GetVolumeInformationW
FindNextFileA
FindFirstFileA
SetThreadLocale
VirtualAlloc
IsBadStringPtrW
GetConsoleTitleA
WriteProfileStringA
PulseEvent
FormatMessageA
SetFileAttributesW
GetCPInfoExW
CancelDeviceWakeupRequest
SetTimeZoneInformation
CreateDirectoryExA
EnumResourceLanguagesW
FreeLibrary
EnumResourceNamesA
FindResourceW
OpenProcess
GetPrivateProfileStringW
GetNamedPipeHandleStateW
GlobalGetAtomNameW
FatalAppExitW
DisconnectNamedPipe
EscapeCommFunction
VirtualAllocEx
GetTapePosition
EnumUILanguagesW
GetLastError
GetConsoleAliasW
HeapCreate
SetLocaleInfoW
ScrollConsoleScreenBufferA
GetShortPathNameA
CreateFileMappingA
ExitThread
FindFirstVolumeW
GetCurrencyFormatA
SwitchToThread
GetCurrentConsoleFont
LockFile
WaitForDebugEvent
SetCommConfig
GlobalReAlloc
TlsAlloc
GetCalendarInfoA
ExpandEnvironmentStringsA
PostQueuedCompletionStatus
SleepEx
GlobalFlags
MapUserPhysicalPagesScatter
GetFileAttributesExA
GetFileAttributesExW
SetVolumeLabelW
GetUserDefaultUILanguage
FindVolumeClose
VerifyVersionInfoA
WriteConsoleInputA
GetConsoleAliasExesLengthA
GetCurrencyFormatW
GetComputerNameW
OutputDebugStringW
lstrcpynW
GetFileAttributesW
GetComputerNameExA
SetDefaultCommConfigW
AllocateUserPhysicalPages
lstrcpyn
SetThreadPriorityBoost
VerSetConditionMask
CreateTapePartition
SearchPathA
ReadDirectoryChangesW
WriteConsoleW
GetNamedPipeHandleStateA
GetConsoleMode
DisableThreadLibraryCalls
TerminateJobObject
lstrcmpiA
CreateSemaphoreA
GetEnvironmentVariableW
BackupWrite
EnumCalendarInfoW
GlobalWire
BuildCommDCBA
GetEnvironmentStringsA
IsBadStringPtrA
SetSystemTime
GlobalFree
SetEvent
GetProcessTimes
SetThreadIdealProcessor
GetProcessHeaps
LoadLibraryA
GetProcAddress
LocalAlloc

user32

CreateWindowStationW
CallWindowProcW
TranslateAccelerator
CreateWindowExW
ReleaseDC
BeginDeferWindowPos
DispatchMessageW
NotifyWinEvent
GetAncestor
GetCaretPos
EndDialog
SystemParametersInfoA
GetMenuDefaultItem
GetMouseMovePointsEx
OpenClipboard
DdeInitializeA
SetMessageExtraInfo
GetUserObjectSecurity
ShowWindowAsync
SendNotifyMessageA
DrawTextA
IsChild
InsertMenuW
FillRect
EndMenu
GetWindowContextHelpId
GetInputDesktop
DdeSetUserHandle
ExcludeUpdateRgn
SetCaretBlinkTime
SetSystemCursor
CharNextW
CallMsgFilter
DdeImpersonateClient
IsCharAlphaW
DdeDisconnectList
SetDlgItemInt
CountClipboardFormats
GetOpenClipboardWindow
ModifyMenuA
GetKeyboardType
GetPriorityClipboardFormat
GetMenuStringW
EditWndProc
GetShellWindow
ReuseDDElParam
CreateMDIWindowW
GetWindowThreadProcessId
SendMessageCallbackW
CharUpperBuffW
LoadIconW
GetUserObjectInformationW
InsertMenuA
ChangeDisplaySettingsA
InSendMessageEx
GetWindowPlacement
EnumClipboardFormats
GetQueueStatus
MapVirtualKeyA
CheckMenuRadioItem
ChangeDisplaySettingsExA
ShowWindow
WinHelpA
ClipCursor
LockWorkStation
WINNLSEnableIME
DispatchMessageA
PostMessageA
DdeCreateStringHandleA
RealGetWindowClassA
ShowCaret
GetMenuItemInfoA
DlgDirListComboBoxW
CharToOemBuffW
GetClassNameW
DragDetect
ShowCursor
CloseWindow
RegisterClipboardFormatW
CallMsgFilterA
LoadCursorFromFileW
BroadcastSystemMessage
AdjustWindowRect
keybd_event
GetClassInfoW
wvsprintfW
LoadMenuW
RegisterDeviceNotificationW
RemovePropA
IsWindowEnabled
DdeUninitialize
LoadKeyboardLayoutW
DeregisterShellHookWindow
WaitMessage
TrackMouseEvent
SetWindowLongA
OpenWindowStationA
TranslateMessage
ScreenToClient
TileChildWindows
CharLowerBuffW
GetFocus
LoadAcceleratorsW
DestroyMenu
GetListBoxInfo
GetKeyboardLayoutNameW
DestroyIcon
GetAltTabInfo
TrackPopupMenu
DrawIcon
GetCaretBlinkTime
DdeCreateDataHandle
VkKeyScanW
IMPQueryIMEA

comdlg32

ReplaceTextW
GetFileTitleW
GetOpenFileNameA

shell32

SHGetDiskFreeSpaceA
SHEmptyRecycleBinA
SHGetPathFromIDListA
ExtractIconEx
SHFileOperationW
DragAcceptFiles
ExtractIconExA
SHBrowseForFolderW
SHGetFileInfoA
ExtractAssociatedIconW
Shell_NotifyIconW
SHCreateProcessAsUserW
SHFormatDrive
SHGetDesktopFolder
SHFileOperation
ExtractAssociatedIconA
SHGetFileInfo

shlwapi

StrRChrW
StrStrA

comctl32

ImageList_EndDrag
InitializeFlatSB
ImageList_LoadImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DrawEx
ImageList_Copy
ImageList_GetIcon
ImageList_DragEnter
_TrackMouseEvent
CreateStatusWindowW
ImageList_SetDragCursorImage
CreateToolbarEx
ImageList_GetDragImage
ImageList_AddIcon
FlatSB_SetScrollProp
ImageList_Replace
ord17

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba3aeb5d6520bd1f30e11e56f72dfe5f

Code Sign

3e:01:16:d2:a8:37:80:6c:b6:a0:b2:5d:49:9e:a8:71Certificate

Extended Key Usages

a4:ba:6f:68:1d:e6:3a:d1:f5:e0:a3:48:23:43:e5:b4:7d:24:f0:50Signer

Signature Validations

Verification

01-12-2022 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

shell32

shlwapi

comctl32

Sections

.text Size: 52KB - Virtual size: 51KB

.data Size: 9KB - Virtual size: 8KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

3e:01:16:d2:a8:37:80:6c:b6:a0:b2:5d:49:9e:a8:71
Certificate

a4:ba:6f:68:1d:e6:3a:d1:f5:e0:a3:48:23:43:e5:b4:7d:24:f0:50
Signer

01-12-2022 14:34
Valid: false

.text
Size: 52KB - Virtual size: 51KB

.data
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB