e144ab97b8bb3bd40fdf5fe0c831547a66dff3565294c1e7b212dde1b5691160

Sharing

Copy URL Twitter E-mail

General

Target

e144ab97b8bb3bd40fdf5fe0c831547a66dff3565294c1e7b212dde1b5691160
Size

325KB
MD5

f38dbed037ca785258249e33678db228
SHA1

0f5ea429002c5120757b62273ace235adf070063
SHA256

e144ab97b8bb3bd40fdf5fe0c831547a66dff3565294c1e7b212dde1b5691160
SHA512

6fa34e33a4deaef9aa8f4619a57f7f1e63923a8a41404609a7495973d3a1d3cf6a6c6f58ec28e464766139df76a1598dde6dded2f78d95b45b3ed94343ca7dd3
SSDEEP

6144:9Hm9i62l2VXsfKU7sEhpFrQTPw/BdLkzcacqYKDTFj91ub:Rmt12KIsOnQTPw/BZkwjKDTFp4b

Score

N/A

Malware Config

Signatures

Files

e144ab97b8bb3bd40fdf5fe0c831547a66dff3565294c1e7b212dde1b5691160
.exe windows x86

72f651af851c28f737bc4afed4018372

Code Sign

6a:a1:39:0b:b8:12:1d:58:b7:12:07:8e:ed:b4:09:fa
Certificate

Issuer

CN=Root Agency

Not Before

25/10/2011, 11:37

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

5b:35:1f:78:b0:36:44:39:9a:e1:f9:d3:68:a0:d4:d4:b2:75:e6:9e
Signer

Actual PE Digest

5b:35:1f:78:b0:36:44:39:9a:e1:f9:d3:68:a0:d4:d4:b2:75:e6:9e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Joe's-Software-Emporium

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glCallList
glScissor
glFlush
glFrustum
glColor4fv
glRasterPos3f
glPolygonMode
glMap2f
glLoadMatrixd
glColor3sv
glGetMaterialiv
glTexParameterf
glCullFace
glBindTexture
glCallLists
glDrawPixels
glTexEnvi
glMultMatrixf
glCopyTexImage1D
glTexCoord1s
glColor3ui
glTexGeniv
glTexCoord4dv
glTexCoord2s
glIndexiv
glPopName
glTexCoord1i
glInterleavedArrays
glTexCoord3fv
glColor4f
glEnd
glLineWidth
glVertex4d

glu32

gluErrorUnicodeStringEXT
gluDeleteTess
gluDeleteQuadric
gluQuadricOrientation
gluScaleImage
gluCylinder
gluGetString
gluBuild1DMipmaps
gluTessBeginContour
gluBuild2DMipmaps
gluNurbsSurface
gluTessBeginPolygon
gluTessProperty
gluErrorString
gluTessNormal

user32

GetDesktopWindow
EnumChildWindows
SetWindowTextA
EndDialog
ShowWindow
GetWindowThreadProcessId
SendDlgItemMessageA
SetParent
GetDialogBaseUnits
IsIconic
DefDlgProcA
DialogBoxParamA
SetWindowPos
IsWindowVisible
AdjustWindowRectEx
CreateWindowExA
AdjustWindowRect
BeginDeferWindowPos
DialogBoxIndirectParamA
SetSysColors
MessageBoxIndirectA
ShowOwnedPopups
CascadeWindows
DestroyWindow
wsprintfA
IsCharUpperA
CharNextExA
IsCharAlphaA
OemToCharA

ole32

CoGetPSClsid
CoGetStandardMarshal
CoAddRefServerProcess
CoTaskMemRealloc
CoCreateFreeThreadedMarshaler
CoLockObjectExternal
CoReleaseServerProcess
CoGetStdMarshalEx
GetClassFile
CoRevokeClassObject
CoRegisterClassObject
OleDoAutoConvert
CoFileTimeToDosDateTime
OleGetAutoConvert
ProgIDFromCLSID
CoGetClassObject
CoMarshalHresult
CoDosDateTimeToFileTime
CoMarshalInterface
CoUnmarshalInterface
BindMoniker
CoInitialize
CoGetObject

comctl32

ord8
ord3
DrawStatusTextW
ord2
InitCommonControlsEx
ord5
CreateToolbarEx
ord4
UninitializeFlatSB
ord6
ord17
CreateStatusWindowW
ord15
PropertySheetW
CreatePropertySheetPageW
CreatePropertySheetPageA

urlmon

CreateFormatEnumerator

shlwapi

StrCSpnA
StrCmpNA
StrRChrIW
StrChrW
StrRStrIW
StrCSpnW

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

GlobalReAlloc
GlobalFlags
HeapWalk
GetUserDefaultLCID
VirtualProtectEx
IsBadCodePtr
GlobalUnlock
VirtualQueryEx
LocalUnlock
GetDateFormatA
VirtualLock
InitializeCriticalSection
GetProcessHeap
GetStringTypeW
SetLocaleInfoA
GetACP
LCMapStringA
GetStartupInfoA
GetModuleHandleA
VirtualAlloc
ExitProcess
GetProcAddress
GetCPInfo
GetOverlappedResult

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 286KB - Virtual size: 652KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72f651af851c28f737bc4afed4018372

Code Sign

6a:a1:39:0b:b8:12:1d:58:b7:12:07:8e:ed:b4:09:faCertificate

5b:35:1f:78:b0:36:44:39:9a:e1:f9:d3:68:a0:d4:d4:b2:75:e6:9eSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

opengl32

glu32

user32

ole32

comctl32

urlmon

shlwapi

msvcrt

kernel32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 286KB - Virtual size: 652KB

.rsrc Size: 16KB - Virtual size: 15KB

6a:a1:39:0b:b8:12:1d:58:b7:12:07:8e:ed:b4:09:fa
Certificate

5b:35:1f:78:b0:36:44:39:9a:e1:f9:d3:68:a0:d4:d4:b2:75:e6:9e
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 286KB - Virtual size: 652KB

.rsrc
Size: 16KB - Virtual size: 15KB