8ed2861895538120e3a2f386d9e4260be431e8c0e1278b631e2fc6f40e9db9f3

Sharing

Copy URL Twitter E-mail

General

Target

8ed2861895538120e3a2f386d9e4260be431e8c0e1278b631e2fc6f40e9db9f3
Size

173KB
MD5

c0bac4c209e6cb0546e2350157028344
SHA1

7cde9107146aef54323a6d741d7eb9b09dec08f4
SHA256

8ed2861895538120e3a2f386d9e4260be431e8c0e1278b631e2fc6f40e9db9f3
SHA512

e15f536c6651744fa8859ab9bc778d020b3e7a9ccf8a3a46a8efb08b0c89fb90830bcfe2576bb09220e077e2026d8d50bd23389f5d04b033b8dcf538455a8297
SSDEEP

3072:sI0TlIElBNfmRxBFWk1oCVoPLlAc70+mNiYsR9PvVTkl4sXl7uoHkpKKUh:sI05IEl7fmRjFW3PBAcQ+mrsRUxapKb

Score

N/A

Malware Config

Signatures

Files

8ed2861895538120e3a2f386d9e4260be431e8c0e1278b631e2fc6f40e9db9f3
.exe windows x86

929ebce196ba54f4b5beea260eb08c24

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

Issuer

CN=erqwerqwert23623

Not Before

05/03/2012, 06:09

Not After

31/12/2039, 23:59

Subject

CN=erqwerqwert23623

Extended Key Usages

ExtKeyUsageCodeSigning

ae:2c:a9:43:e9:34:78:9a:03:b3:7d:70:98:73:25:c3:11:c1:c9:ef
Signer

Actual PE Digest

ae:2c:a9:43:e9:34:78:9a:03:b3:7d:70:98:73:25:c3:11:c1:c9:ef

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=erqwerqwert23623

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
GetCommState
lstrcpyA
lstrlenA
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
CreateFileA
VirtualAlloc

user32

AnyPopup
AppendMenuA
ArrangeIconicWindows
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
CharUpperA
ChildWindowFromPointEx
ClipCursor
CreateDialogIndirectParamA
CreateMenu
CreatePopupMenu
DdeAddData
DdeConnectList
DdeGetData
DefMDIChildProcW
DefWindowProcA
DeregisterShellHookWindow
DialogBoxIndirectParamW
DlgDirSelectComboBoxExA
DragObject
DrawAnimatedRects
DrawCaption
DrawFrame
DrawMenuBar
DrawStateW
DrawTextA
DrawTextW
EnableMenuItem
EndMenu
EndPaint
EnumDisplaySettingsA
EnumDisplaySettingsW
EnumPropsExW
FlashWindowEx
FreeDDElParam
GetAncestor
GetClassLongW
GetClassNameW
GetClipboardSequenceNumber
GetClipboardViewer
GetDCEx
GetDlgItemInt
GetKeyNameTextW
GetKeyboardState
GetMenuItemInfoA
GetMenuStringA
GetScrollBarInfo
GetTitleBarInfo
GetWindowRect
GetWindowTextW
GetWindowWord
HiliteMenuItem
InSendMessage
InSendMessageEx
InsertMenuItemA
InvalidateRect
IsCharAlphaA
IsCharUpperA
IsClipboardFormatAvailable
LoadBitmapW
LoadMenuIndirectW
LockSetForegroundWindow
LookupIconIdFromDirectory
MessageBoxExW
MoveWindow
OemToCharBuffA
OpenIcon
PostQuitMessage
RealGetWindowClass
RegisterWindowMessageA
RemovePropW
ScrollDC
SendNotifyMessageW
SetCapture
SetClipboardData
SetCursorPos
SetDebugErrorLevel
SetDeskWallpaper
SetDlgItemInt
SetDlgItemTextA
SetDoubleClickTime
SetMenuInfo
SetProcessDefaultLayout
SetProcessWindowStation
SetPropA
SetShellWindow
SetUserObjectInformationA
SetWindowContextHelpId
SetWindowsHookExW
ShowOwnedPopups
SwapMouseButton
ToUnicodeEx
UnregisterDeviceNotification

ole32

CLSIDFromProgIDEx
CoAddRefServerProcess
CoBuildVersion
CoDeactivateObject
CoDisableCallCancellation
CoEnableCallCancellation
CoFileTimeNow
CoFreeAllLibraries
CoFreeUnusedLibraries
CoGetClassObject
CoGetInstanceFromIStorage
CoGetInterfaceAndReleaseStream
CoGetStdMarshalEx
CoGetTreatAsClass
CoInitializeEx
CoInitializeSecurity
CoMarshalHresult
CoQueryAuthenticationServices
CoQueryReleaseObject
CoReactivateObject
CoRegisterClassObject
CoRegisterPSClsid
CoRegisterSurrogateEx
CoResumeClassObjects
CoRevokeClassObject
CoRevokeMallocSpy
CoSetCancelObject
CoSetProxyBlanket
CoTaskMemFree
CreateBindCtx
CreateDataAdviseHolder
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
DcomChannelSetHResult
DllDebugObjectRPCHook
DllGetClassObjectWOW
GetHGlobalFromStream
HBRUSH_UserFree
HDC_UserMarshal
HENHMETAFILE_UserFree
HGLOBAL_UserUnmarshal
HICON_UserMarshal
HMETAFILEPICT_UserFree
HMETAFILEPICT_UserMarshal
HMETAFILE_UserFree
HMETAFILE_UserMarshal
HWND_UserSize
IsAccelerator
MkParseDisplayName
MonikerRelativePathTo
OleConvertOLESTREAMToIStorageEx
OleCreateFromFile
OleCreateLink
OleCreateLinkFromDataEx
OleCreateLinkToFileEx
OleCreateMenuDescriptor
OleCreateStaticFromData
OleGetClipboard
OleIsRunning
OleLockRunning
OleNoteObjectVisible
OleRegEnumVerbs
OleRegGetUserType
OleSave
OleSetContainedObject
OleSetMenuDescriptor
PropVariantCopy
ReadClassStm
ReadOleStg
SNB_UserMarshal
STGMEDIUM_UserMarshal
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgIsStorageFile
StgOpenPropStg
StringFromGUID2
StringFromIID
UtConvertDvtd32toDvtd16
UtGetDvtd16Info
UtGetDvtd32Info
WriteStringStream

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 980B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

929ebce196ba54f4b5beea260eb08c24

Code Sign

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33Certificate

Extended Key Usages

ae:2c:a9:43:e9:34:78:9a:03:b3:7d:70:98:73:25:c3:11:c1:c9:efSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 9KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 980B

.text Size: 158KB - Virtual size: 157KB

.text2 Size: 1024B - Virtual size: 800B

.reloc Size: 2KB - Virtual size: 1KB

40:63:aa:a3:eb:98:8e:6e:b2:9a:f7:9e:a0:c1:93:33
Certificate

ae:2c:a9:43:e9:34:78:9a:03:b3:7d:70:98:73:25:c3:11:c1:c9:ef
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 9KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 980B

.text
Size: 158KB - Virtual size: 157KB

.text2
Size: 1024B - Virtual size: 800B

.reloc
Size: 2KB - Virtual size: 1KB