c0aa9d5bb77408c012e82f93c82b4d4b17e5ae5d8100b7760c7e296b06f8b9a7

Sharing

Copy URL Twitter E-mail

General

Target

c0aa9d5bb77408c012e82f93c82b4d4b17e5ae5d8100b7760c7e296b06f8b9a7
Size

86KB
MD5

9c1e69cceae434db23811cd54375d952
SHA1

73baab3fc7ddf3856215f19e655c8b514ee27c82
SHA256

c0aa9d5bb77408c012e82f93c82b4d4b17e5ae5d8100b7760c7e296b06f8b9a7
SHA512

d9658b1149c303dd6af20a4398bce707067097b5fa02577bd24b73aa05b1e90fdeae42760176d1f157a19909c15962f8dbc5bfcab5e464ccd5c86325d313cf7c
SSDEEP

768:EgeX5DN2zLkgDussiztgJz92mE7a1f35KoBHlrX6nirVt1KpLCzrRq39u1yt0++h:1ykrDusNzIZ23ovVBHRUiT6LCzkv8N1

Score

N/A

Malware Config

Signatures

Files

c0aa9d5bb77408c012e82f93c82b4d4b17e5ae5d8100b7760c7e296b06f8b9a7
.exe windows x86

0fb66024b1e8fc70dde1a535615d6c61

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

Issuer

CN=222222222

Not Before

13/02/2012, 04:39

Not After

31/12/2039, 23:59

Subject

CN=222222222

Extended Key Usages

ExtKeyUsageCodeSigning

43:8e:71:ca:7a:fb:da:e8:1e:18:61:50:3b:71:d3:db:46:5a:77:92
Signer

Actual PE Digest

43:8e:71:ca:7a:fb:da:e8:1e:18:61:50:3b:71:d3:db:46:5a:77:92

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=222222222

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetSystemInfo
VirtualAlloc
GetWindowsDirectoryW

user32

GetThreadDesktop
GetWindowContextHelpId
GetWindowDC
GetWindowLongA
GetWindowModuleFileNameA
GetWindowModuleFileNameW
GetWindowPlacement
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
HiliteMenuItem
IMPSetIMEA
ImpersonateDdeClientWindow
InsertMenuItemW
InsertMenuW
InvalidateRect
IsCharAlphaW
IsDialogMessageA
IsIconic
IsRectEmpty
KillTimer
LoadAcceleratorsA
LoadCursorA
LoadCursorFromFileW
LoadMenuA
MapWindowPoints
MessageBeep
MessageBoxW
NotifyWinEvent
OpenDesktopW
OpenInputDesktop
OpenWindowStationW
PackDDElParam
PostThreadMessageW
RegisterClassExW
GetSystemMenu
RemovePropW
SendDlgItemMessageA
SendDlgItemMessageW
SendMessageCallbackA
SendMessageCallbackW
SendMessageTimeoutA
SetCaretPos
SetClassLongA
SetClassLongW
SetDlgItemTextA
SetDlgItemTextW
SetFocus
SetMenu
SetMenuDefaultItem
SetMessageExtraInfo
SetProcessDefaultLayout
SetPropA
SetSysColors
SetUserObjectSecurity
SetWinEventHook
SetWindowPlacement
SetWindowsHookW
ShowOwnedPopups
ShowWindow
SubtractRect
TileChildWindows
TrackMouseEvent
TrackPopupMenu
TranslateAccelerator
TranslateAcceleratorA
UnhookWindowsHookEx
UnionRect
UnregisterClassA
UpdateLayeredWindow
UpdateWindow
UserHandleGrantAccess
VkKeyScanExA
VkKeyScanW
WINNLSGetEnableStatus
WINNLSGetIMEHotkey
WindowFromDC
GetSubMenu
GetScrollRange
GetPropA
GetNextDlgTabItem
GetMonitorInfoW
GetMessageW
GetMessagePos
GetMenuItemRect
GetMenuItemInfoW
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetListBoxInfo
GetKeyboardLayoutList
GetKBCodePage
GetInputState
GetGuiResources
GetForegroundWindow
GetCursorPos
GetCursorInfo
GetCursor
GetComboBoxInfo
GetClipboardViewer
GetClipboardSequenceNumber
GetClipboardFormatNameA
GetClassLongW
GetClassLongA
GetClassInfoExA
GetCaretBlinkTime
GetCapture
GetActiveWindow
FrameRect
FlashWindowEx
EnumWindowStationsA
EnumPropsExW
EnumDisplaySettingsA
EnumDisplayMonitors
EndDeferWindowPos
EnableScrollBar
EmptyClipboard
EditWndProc
DrawStateW
DrawStateA
DrawMenuBar
DlgDirListW
DlgDirListComboBoxA
DlgDirListA
DispatchMessageA
DialogBoxParamA
DeleteMenu
DeferWindowPos
DefMDIChildProcA
DefFrameProcA
DefDlgProcA
DdeUninitialize
DdeUnaccessData
DdeQueryStringW
DdePostAdvise
DdeImpersonateClient
DdeGetLastError
DdeEnableCallback
DdeDisconnectList
DdeClientTransaction
CreateWindowExW
CreateIconFromResourceEx
CreateIcon
CreateDialogIndirectParamW
CreateDialogIndirectParamA
CreateCursor
CreateCaret
CreateAcceleratorTableA
CopyRect
CopyAcceleratorTableW
ClipCursor
CheckMenuItem
CheckDlgButton
CharUpperBuffA
CharUpperA
CharToOemBuffW
CharToOemA
CharNextW
ChangeMenuA
ChangeDisplaySettingsExW
CascadeWindows
CallMsgFilterA
BringWindowToTop
BlockInput
AppendMenuW
AnyPopup
RegisterWindowMessageW

shell32

Shell_NotifyIconA
Shell_NotifyIcon
ShellHookProc
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteEx
ShellExecuteA
ShellAboutW
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHPathPrepareForWriteA
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHInvokePrinterCommandW
SHInvokePrinterCommandA
SHGetSpecialFolderPathW
CheckEscapesW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExW
ExtractIconA
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHCreateDirectoryExA
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderLocation
SHGetIconOverlayIndexW
SHGetInstanceExplorer
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderLocation
Shell_NotifyIconW

shlwapi

StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrRChrA
StrRChrIA
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW
StrStrA
StrStrIA
StrStrIW
StrStrW
StrChrA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fb66024b1e8fc70dde1a535615d6c61

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83Certificate

Extended Key Usages

43:8e:71:ca:7a:fb:da:e8:1e:18:61:50:3b:71:d3:db:46:5a:77:92Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 516B

.text7 Size: 1024B - Virtual size: 1000B

.text5 Size: 61KB - Virtual size: 61KB

.text6 Size: 2KB - Virtual size: 1KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

43:8e:71:ca:7a:fb:da:e8:1e:18:61:50:3b:71:d3:db:46:5a:77:92
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 516B

.text7
Size: 1024B - Virtual size: 1000B

.text5
Size: 61KB - Virtual size: 61KB

.text6
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB