827b2c7d8fad56ad7f78eb70b8aa3fb56ea87a8972e4e785ec2af6a95130cd60

Sharing

Copy URL

Twitter E-mail

General

Target

827b2c7d8fad56ad7f78eb70b8aa3fb56ea87a8972e4e785ec2af6a95130cd60
Size

25KB
MD5

952464d3d455c67ccf14095e305408e1
SHA1

9f100562bbf39636fc7abbd6602b81362dac5a05
SHA256

827b2c7d8fad56ad7f78eb70b8aa3fb56ea87a8972e4e785ec2af6a95130cd60
SHA512

7b06c04ada05fc139ce391355eea9fbc5392e69345939a6070aa56a7832c2c65b7fcb57fc8721f7a650dce4bc6dd37bb04cf94ad605e30a0492e95e570857677
SSDEEP

384:dDbvmnaBDdhbKg5Eeq69WJs+5pQI5Voy4Ghh44WieZW1y7:dDqcJ5KEjDWJJ5pQs2yvhh7eL

Score

N/A

Malware Config

Signatures

Files

827b2c7d8fad56ad7f78eb70b8aa3fb56ea87a8972e4e785ec2af6a95130cd60
.exe windows x86

4e58b69391d35d70bb5e4324fe306868

Code Sign

78:64:b8:3d:5e:1c:99:46:b0:af:fb:7b:34:75:94:ca
Certificate

Issuer

CN=55121212512

Not Before

14-02-2012 04:59

Not After

31-12-2039 23:59

Subject

CN=55121212512

Extended Key Usages

ExtKeyUsageCodeSigning

7b:d8:03:01:04:ef:bb:3b:82:c0:79:7d:7c:1f:6e:39:00:c1:9a:f1
Signer

Actual PE Digest

7b:d8:03:01:04:ef:bb:3b:82:c0:79:7d:7c:1f:6e:39:00:c1:9a:f1

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=55121212512

01-12-2022 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GetSystemInfo
GetSystemPowerStatus
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVolumePathNameA
GlobalAddAtomA
GlobalHandle
GlobalLock
HeapCompact
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
IsDBCSLeadByte
IsDebuggerPresent
IsValidCodePage
LoadResource
LocalUnlock
LockResource
MoveFileW
MoveFileWithProgressA
MoveFileWithProgressW
OpenFileMappingW
OpenWaitableTimerA
QueryDosDeviceW
ReadConsoleOutputCharacterW
ReleaseSemaphore
RtlFillMemory
RtlUnwind
RtlZeroMemory
ScrollConsoleScreenBufferA
SetCommConfig
SetComputerNameExA
SetConsoleActiveScreenBuffer
GetShortPathNameW
SetCurrentDirectoryA
SetCurrentDirectoryW
SetDefaultCommConfigW
SetEnvironmentVariableW
SetErrorMode
SetFilePointer
SetFilePointerEx
SetLastError
SetPriorityClass
SetProcessShutdownParameters
SetTapePosition
SetThreadLocale
SetThreadPriority
SizeofResource
Sleep
SystemTimeToFileTime
Toolhelp32ReadProcessMemory
TryEnterCriticalSection
VerifyVersionInfoA
WaitForSingleObject
WaitNamedPipeW
WriteConsoleOutputAttribute
WriteFile
WritePrivateProfileSectionA
WriteProcessMemory
_lcreat
_lopen
lstrcatW
lstrcmpW
lstrcpyn
lstrcpynW
GetShortPathNameA
GetProfileStringW
GetProfileSectionA
GetProcessTimes
GetProcessHeaps
GetPrivateProfileStructA
GetPrivateProfileSectionW
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
GetNumberFormatW
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetLargestConsoleWindowSize
GetFullPathNameA
GetFileAttributesW
GetFileAttributesExA
GetDriveTypeA
GetCurrentThreadId
GetCurrencyFormatA
GetConsoleMode
GetConsoleFontSize
GetConsoleDisplayMode
GetConsoleCP
GetComputerNameExW
GetComputerNameExA
GetCommState
GetCommModemStatus
GetModuleHandleA
GetAtomNameA
GetACP
FoldStringA
FlushInstructionCache
FindResourceA
FindNextFileW
FindNextFileA
FindNextChangeNotification
FillConsoleOutputCharacterA
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExpandEnvironmentStringsW
EnumSystemLocalesW
EnumSystemLanguageGroupsW
EnumSystemLanguageGroupsA
EnumSystemCodePagesA
EnumLanguageGroupLocalesA
EnumDateFormatsExW
EnterCriticalSection
DnsHostnameToComputerNameA
DeleteFiber
CreateTimerQueue
CreateSemaphoreW
CreateMutexA
CreateJobObjectW
CreateFileW
CreateFileA
CreateDirectoryW
CreateDirectoryExA
CreateConsoleScreenBuffer
ConvertThreadToFiber
ConnectNamedPipe
CommConfigDialogA
CancelDeviceWakeupRequest
BindIoCompletionCallback
BackupRead
AllocateUserPhysicalPages
AddConsoleAliasW
GetProcAddress
SetConsoleTitleA

msvcrt

memset

user32

LoadBitmapA

advapi32

RegOpenKeyExA

oleaut32

VarDecAdd
VarDecFix
VarDecFromDisp
VarDecFromI4
VarDecFromR8
VarDecMul
VarEqv
VarFix
VarFormat
VarFormatFromTokens
VarI1FromDate
VarI1FromDec
VarI1FromI2
VarI1FromR4
VarI1FromR8
VarI1FromUI1
VarI2FromBool
VarI2FromCy
VarI2FromUI1
VarI4FromBool
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI1
VarI4FromI2
VarI4FromR8
VarI4FromStr
VarIdiv
VarNeg
VarNumFromParseNum
VarOr
VarParseNumFromStr
VarR4FromDec
VarR4FromI4
VarR4FromR8
VarR4FromUI2
VarR4FromUI4
VarR8FromDisp
VarR8FromI4
VarR8FromUI2
VarR8Pow
VarUI1FromDate
VarUI1FromI2
VarUI1FromI4
VarUI1FromUI2
VarUI4FromBool
VarUI4FromDec
VarUI4FromR4
VarUI4FromR8
VarUI4FromStr
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToSystemTime
VectorFromBstr
VarDecAbs
VarDateFromUI1
VarDateFromI4
VarDateFromI2
VarDateFromDisp
VarDateFromBool
VarCyMul
VarCyInt
VarCyFromUI2
VarCyFromUI1
VarCyFromR4
VarCyFromI4
VarCyFromDate
VarCyFromBool
VarCat
VarBstrFromUI4
VarBstrFromR8
VarBstrFromI2
VarBstrFromI1
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarBstrCat
VarBoolFromUI1
VarBoolFromI2
VarBoolFromDisp
SystemTimeToVariantTime
SysStringLen
SysStringByteLen
SysReAllocStringLen
SetErrorInfo
SafeArraySetIID
SafeArrayPutElement
SafeArrayGetRecordInfo
SafeArrayGetElemsize
SafeArrayDestroyDescriptor
SafeArrayCreateVectorEx
SafeArrayCreateVector
SafeArrayCreate
SafeArrayCopyData
RevokeActiveObject
QueryPathOfRegTypeLi
OleLoadPictureEx
OleCreatePropertyFrameIndirect
OleCreateFontIndirect
OaBuildVersion
LoadTypeLibEx
LoadTypeLi
LoadRegTypeLi
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserMarshal
LHashValOfNameSysA
LHashValOfNameSys
GetErrorInfo
GetActiveObject
DosDateTimeToVariantTime
DispGetParam
DispGetIDsOfNames
CreateErrorInfo
CreateDispTypeInfo
BstrFromVector
BSTR_UserMarshal
BSTR_UserFree
SafeArrayCopy

imm32

ImmConfigureIMEW
ImmCreateContext
ImmCreateIMCC
ImmCreateSoftKeyboard
ImmDestroyContext
ImmDisableIME
ImmEnumInputContext
ImmEnumRegisterWordA
ImmEnumRegisterWordW
ImmEscapeA
ImmGenerateMessage
ImmGetCandidateListA
ImmGetCandidateListCountA
ImmGetCandidateListCountW
ImmGetCandidateListW
ImmGetCandidateWindow
ImmGetCompositionFontA
ImmGetCompositionFontW
ImmGetCompositionStringA
ImmGetCompositionStringW
ImmGetCompositionWindow
ImmGetContext
ImmGetConversionListA
ImmGetConversionListW
ImmGetConversionStatus
ImmGetDefaultIMEWnd
ImmGetDescriptionA
ImmGetGuideLineA
ImmGetGuideLineW
ImmGetIMCCLockCount
ImmConfigureIMEA
ImmGetIMCLockCount
ImmGetIMEFileNameA
ImmGetIMEFileNameW
ImmGetImeMenuItemsA
ImmGetImeMenuItemsW
ImmGetOpenStatus
ImmGetProperty
ImmGetRegisterWordStyleW
ImmGetStatusWindowPos
ImmGetVirtualKey
ImmInstallIMEA
ImmInstallIMEW
ImmIsIME
ImmIsUIMessageA
ImmIsUIMessageW
ImmLockIMC
ImmLockIMCC
ImmRegisterWordA
ImmRegisterWordW
ImmReleaseContext
ImmRequestMessageA
ImmRequestMessageW
ImmSetCompositionFontA
ImmSetCompositionFontW
ImmSetCompositionStringA
ImmSetCompositionStringW
ImmSetCompositionWindow
ImmSetConversionStatus
ImmSetHotKey
ImmSetOpenStatus
ImmGetIMCCSize
ImmSetStatusWindowPos
ImmShowSoftKeyboard
ImmUnlockIMC
ImmUnregisterWordW
ImmAssociateContext

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4e58b69391d35d70bb5e4324fe306868

Code Sign

78:64:b8:3d:5e:1c:99:46:b0:af:fb:7b:34:75:94:caCertificate

Extended Key Usages

7b:d8:03:01:04:ef:bb:3b:82:c0:79:7d:7c:1f:6e:39:00:c1:9a:f1Signer

Signature Validations

Verification

01-12-2022 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

oleaut32

imm32

Sections

.text Size: 8KB - Virtual size: 8KB

.text1 Size: 2KB - Virtual size: 1KB

.text2 Size: 8KB - Virtual size: 8KB

.data Size: 512B - Virtual size: 92B

.text3 Size: 1024B - Virtual size: 1000B

.rsrc Size: 3KB - Virtual size: 2KB

78:64:b8:3d:5e:1c:99:46:b0:af:fb:7b:34:75:94:ca
Certificate

7b:d8:03:01:04:ef:bb:3b:82:c0:79:7d:7c:1f:6e:39:00:c1:9a:f1
Signer

01-12-2022 14:34
Valid: false

.text
Size: 8KB - Virtual size: 8KB

.text1
Size: 2KB - Virtual size: 1KB

.text2
Size: 8KB - Virtual size: 8KB

.data
Size: 512B - Virtual size: 92B

.text3
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 3KB - Virtual size: 2KB