fd576a915d9c343939b40b2975c348aa66f8a2668a25d834cef6ebf8cbeb7199

Sharing

Copy URL Twitter E-mail

General

Target

fd576a915d9c343939b40b2975c348aa66f8a2668a25d834cef6ebf8cbeb7199
Size

142KB
MD5

41bd714c70d0fe498c1eb84f3d1cdf61
SHA1

07c11082819faef37ec3d613c315c75d22d3ec7b
SHA256

fd576a915d9c343939b40b2975c348aa66f8a2668a25d834cef6ebf8cbeb7199
SHA512

876b6df6e32b9f592de5deb119f248adb08947ed899de1c37e2fbba865e5d217e5d33d842b34fc0b7485531b1f7497876bafaf5c7662ea1f88d71c0f9971b7db
SSDEEP

3072:pkUzvoydCxTmh1LY2ugIqeFWcg3eFgR/BQfTUMQH9REx:pT/fY2IqeFWcVyOTUMQH+

Score

N/A

Malware Config

Signatures

Files

fd576a915d9c343939b40b2975c348aa66f8a2668a25d834cef6ebf8cbeb7199
.exe windows x86

b84c5bb52014d83fc5e6534e392dea2a

Code Sign

50:b6:ed:79:a1:ec:4e:62:bc:33:32:46:3e:eb:9e:2d
Certificate

Issuer

CN=7348345845

Not Before

25/01/2012, 13:00

Not After

31/12/2039, 23:59

Subject

CN=7348345845

Extended Key Usages

ExtKeyUsageCodeSigning

2b:3c:24:5a:29:03:4c:29:0a:1a:7d:d7:d0:ef:80:c8:19:fa:eb:99
Signer

Actual PE Digest

2b:3c:24:5a:29:03:4c:29:0a:1a:7d:d7:d0:ef:80:c8:19:fa:eb:99

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=7348345845

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
AddConsoleAliasA
AreFileApisANSI
AssignProcessToJobObject
CloseHandle
CommConfigDialogA
CompareStringA
CreateConsoleScreenBuffer
CreateEventA
CreateNamedPipeA
CreateTimerQueue
CreateWaitableTimerA
CreateWaitableTimerW
DebugBreak
EnumDateFormatsExA
EnumLanguageGroupLocalesW
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
ExitThread
ExpandEnvironmentStringsA
FillConsoleOutputCharacterA
FindAtomW
FindFirstChangeNotificationW
FindFirstVolumeW
FindNextFileA
FindVolumeClose
FlushConsoleInputBuffer
FlushViewOfFile
FreeUserPhysicalPages
GetConsoleAliasA
GetCurrentProcessId
GetCurrentThread
GetDateFormatW
GetLargestConsoleWindowSize
GetLastError
GetModuleFileNameA
GetModuleHandleW
GetNumberFormatA
GetNumberFormatW
GetNumberOfConsoleMouseButtons
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileSectionA
GetProcessHeaps
GetShortPathNameA
ExitProcess
GetThreadPriorityBoost
GetThreadSelectorEntry
GetTimeZoneInformation
GetUserDefaultUILanguage
GetVolumeInformationA
GlobalLock
GlobalUnfix
HeapDestroy
HeapSize
InterlockedDecrement
IsBadCodePtr
IsBadStringPtrA
IsSystemResumeAutomatic
LoadLibraryExA
LocalFileTimeToFileTime
LocalLock
MoveFileA
OpenProcess
OutputDebugStringW
PeekNamedPipe
Process32First
Process32NextW
QueryInformationJobObject
QueryPerformanceCounter
ReadConsoleOutputAttribute
ReadConsoleW
ReadFileEx
SetCurrentDirectoryW
SetDefaultCommConfigA
SetFileAttributesW
SetMailslotInfo
SetMessageWaitingIndicator
SetProcessPriorityBoost
SetStdHandle
SetSystemPowerState
SetTimeZoneInformation
SetVolumeLabelW
SetVolumeMountPointW
SizeofResource
TlsSetValue
TryEnterCriticalSection
UnregisterWait
WaitNamedPipeA
WritePrivateProfileSectionA
WriteProfileSectionA
lstrcatA
lstrcpyA
lstrcpyW
GetThreadContext
VirtualAlloc

user32

ChangeDisplaySettingsExA
CharNextW
CharToOemBuffA
CharToOemW
CharUpperBuffA
CloseDesktop
CopyAcceleratorTableA
CopyRect
CreateDesktopA
CreateDialogParamA
DdeCmpStringHandles
DdeReconnect
DefMDIChildProcA
DefWindowProcA
DialogBoxIndirectParamA
DispatchMessageA
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectExA
DlgDirSelectExW
DrawCaption
DrawMenuBar
DrawStateA
DrawStateW
DrawTextA
EndTask
EnumDisplayMonitors
EnumPropsA
GetCapture
GetClassInfoW
GetClassLongA
GetClassNameA
GetDlgItemTextW
GetFocus
GetIconInfo
GetInputDesktop
GetKBCodePage
GetKeyState
GetKeyboardState
GetMenuInfo
GetNextDlgTabItem
GetOpenClipboardWindow
GetScrollBarInfo
GetShellWindow
GetSysColorBrush
GetSystemMenu
GetTabbedTextExtentA
GetUserObjectInformationA
GetWindowTextW
IMPGetIMEA
InsertMenuA
InvertRect
IsChild
IsDialogMessageW
IsDlgButtonChecked
IsWindow
LoadIconA
LoadMenuA
MenuItemFromPoint
MonitorFromWindow
MoveWindow
PackDDElParam
PaintDesktop
PostMessageA
PtInRect
RealGetWindowClass
RegisterDeviceNotificationA
RemovePropA
ReuseDDElParam
SendIMEMessageExA
SendInput
SetClassLongW
SetForegroundWindow
SetMenuInfo
SetProcessDefaultLayout
SetPropA
SetRectEmpty
SetScrollInfo
SetTimer
SetWindowLongA
SetWindowsHookExA
TileWindows
TrackPopupMenu
TranslateAccelerator
TranslateAcceleratorW
UnloadKeyboardLayout
UnregisterClassA
UnregisterDeviceNotification
UpdateWindow
wsprintfA
ActivateKeyboardLayout
BroadcastSystemMessageW

advapi32

RegOpenKeyExW

ole32

CLIPFORMAT_UserUnmarshal
CLSIDFromProgID
CLSIDFromProgIDEx
CoAllowSetForegroundWindow
CoBuildVersion
CoCancelCall
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoCreateInstanceEx
CoFileTimeToDosDateTime
CoFreeUnusedLibraries
CoGetClassVersion
CoGetCurrentLogicalThreadId
CoGetInstanceFromFile
CoGetInterfaceAndReleaseStream
CoGetMarshalSizeMax
CoGetObject
CoGetStandardMarshal
CoGetTreatAsClass
CoImpersonateClient
CoMarshalHresult
CoReactivateObject
CoRegisterMessageFilter
CoRegisterSurrogateEx
CoReleaseServerProcess
CoRevertToSelf
CoSetProxyBlanket
CoSwitchCallContext
CoTaskMemRealloc
CoUnloadingWOW
CreateAntiMoniker
CreateBindCtx
CreateFileMoniker
CreateGenericComposite
CreateObjrefMoniker
DllDebugObjectRPCHook
HBITMAP_UserMarshal
HBRUSH_UserMarshal
HDC_UserSize
HGLOBAL_UserMarshal
HICON_UserSize
HICON_UserUnmarshal
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMETAFILE_UserMarshal
HMETAFILE_UserUnmarshal
HPALETTE_UserSize
HWND_UserUnmarshal
IsAccelerator
MkParseDisplayName
MonikerRelativePathTo
OleConvertIStorageToOLESTREAM
OleCreate
OleCreateEmbeddingHelper
OleCreateLinkToFile
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleGetClipboard
OleGetIconOfFile
OleInitializeWOW
OleNoteObjectVisible
OleRegGetUserType
OleRun
OleSaveToStream
PropStgNameToFmtId
PropVariantClear
ReadClassStg
SNB_UserFree
StgConvertPropertyToVariant
StgConvertVariantToProperty
StgCreatePropSetStg
StgGetIFillLockBytesOnFile
StgGetIFillLockBytesOnILockBytes
StgOpenAsyncDocfileOnIFillLockBytes
StgPropertyLengthAsVariant
StgSetTimes
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
UtGetDvtd16Info
UtGetDvtd32Info
WdtpInterfacePointer_UserSize
WriteClassStm
WriteStringStream

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ttt
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b84c5bb52014d83fc5e6534e392dea2a

Code Sign

50:b6:ed:79:a1:ec:4e:62:bc:33:32:46:3e:eb:9e:2dCertificate

Extended Key Usages

2b:3c:24:5a:29:03:4c:29:0a:1a:7d:d7:d0:ef:80:c8:19:fa:eb:99Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.ttt Size: 125KB - Virtual size: 125KB

.data Size: 512B - Virtual size: 172B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

50:b6:ed:79:a1:ec:4e:62:bc:33:32:46:3e:eb:9e:2d
Certificate

2b:3c:24:5a:29:03:4c:29:0a:1a:7d:d7:d0:ef:80:c8:19:fa:eb:99
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 9KB - Virtual size: 9KB

.ttt
Size: 125KB - Virtual size: 125KB

.data
Size: 512B - Virtual size: 172B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB