372aeca88e3b35cd568708201cda1683e35f4205cab8f411bf611db16bb77c4c

Sharing

Copy URL Twitter E-mail

General

Target

372aeca88e3b35cd568708201cda1683e35f4205cab8f411bf611db16bb77c4c
Size

732KB
MD5

9df0877a6c5c3730851d77a6461e7f6f
SHA1

8743d707b4c6158e34cfeb82449f9d1cc3eb1c6a
SHA256

372aeca88e3b35cd568708201cda1683e35f4205cab8f411bf611db16bb77c4c
SHA512

02eeb037951ed6f5859095677d50f28d4b77c413645dac30866f8f9b26cbf34f28ceb472595b1278b9a508d5bf0a631d549f741c7dd4a3eb9f09b4edf587eadb
SSDEEP

12288:szmI1WPvFdVJwoKX7n5UwTMnXZQdxctasxvIELys64xlEEakkOsMHW3Wyoemf:SmI8Pjk5VMnuUQELyZIlEEakkuHqWZec

Score

N/A

Malware Config

Signatures

Files

372aeca88e3b35cd568708201cda1683e35f4205cab8f411bf611db16bb77c4c
.exe windows x86

68b1bf1633fe0333ff9a77131369bb5b

Code Sign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

13:cc:d8:5e:03:e2:da:ec:7d:11:fd:86:ed:db:f8:da
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

30/07/2013, 00:00

Not After

30/07/2014, 23:59

Subject

CN=Arab Publishers,O=Arab Publishers,POSTALCODE=00961,STREET=Salameh Blg\, Museum str\,,L=Mathaf,ST=Beirut,C=LB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

26:80:45:67:50:81:5b:c8:5e:6b:fc:9b:7c:09:93:eb:5d:c0:f1:7b
Signer

Actual PE Digest

26:80:45:67:50:81:5b:c8:5e:6b:fc:9b:7c:09:93:eb:5d:c0:f1:7b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Arab Publishers,O=Arab Publishers,POSTALCODE=00961,STREET=Salameh Blg\, Museum str\,,L=Mathaf,ST=Beirut,C=LB

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
RegisterClassA
MessageBoxA
LoadStringA
LoadIconA
LoadCursorA
GetSystemMetrics
DestroyWindow
DefWindowProcA
CharNextA
CharToOemA

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
WriteFile
VirtualQuery
Sleep
GetVersionExA
GetThreadLocale
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetDiskFreeSpaceA
GetCPInfo
FreeLibrary
EnumCalendarInfoA
DeleteFileA

gdi32

DeleteObject

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 676KB - Virtual size: 676KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68b1bf1633fe0333ff9a77131369bb5b

Code Sign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

13:cc:d8:5e:03:e2:da:ec:7d:11:fd:86:ed:db:f8:daCertificate

Extended Key Usages

Key Usages

26:80:45:67:50:81:5b:c8:5e:6b:fc:9b:7c:09:93:eb:5d:c0:f1:7bSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

oleaut32

advapi32

user32

kernel32

gdi32

Sections

.text Size: 40KB - Virtual size: 40KB

.itext Size: 1024B - Virtual size: 628B

.data Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 18KB

.idata Size: 2KB - Virtual size: 2KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 3KB - Virtual size: 3KB

.rsrc Size: 676KB - Virtual size: 676KB

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

13:cc:d8:5e:03:e2:da:ec:7d:11:fd:86:ed:db:f8:da
Certificate

26:80:45:67:50:81:5b:c8:5e:6b:fc:9b:7c:09:93:eb:5d:c0:f1:7b
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 40KB - Virtual size: 40KB

.itext
Size: 1024B - Virtual size: 628B

.data
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 18KB

.idata
Size: 2KB - Virtual size: 2KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 676KB - Virtual size: 676KB