f597f9a293090bfe9d6730e68701dc4caadfb74e9b94ccd2611563ffeff4e9fe

Sharing

Copy URL Twitter E-mail

General

Target

f597f9a293090bfe9d6730e68701dc4caadfb74e9b94ccd2611563ffeff4e9fe
Size

89KB
MD5

19002e50893e18a591c4f4492c61cba8
SHA1

e63de353d57a9f80c63c4674cff3d269080e353d
SHA256

f597f9a293090bfe9d6730e68701dc4caadfb74e9b94ccd2611563ffeff4e9fe
SHA512

dacbf715ed79fbb06a9ad64ea76bdafb7422fe371d7de150294e212b1afe1a7437a4ee65ae770234135798bb68ea3768d13ee875d8108230fe1ac7884b48af4c
SSDEEP

1536:E8ZCCNJsdtIK9RlgxkRqT5LXKaDmYBRl9mH4:EM079RlEeIKmBRl9mH4

Score

N/A

Malware Config

Signatures

Files

f597f9a293090bfe9d6730e68701dc4caadfb74e9b94ccd2611563ffeff4e9fe
.exe windows x86

aa8a3ece031725b169d76df117d4c489

Code Sign

08:be:f3:f0:09:88:ef:b6:44:43:fe:2b:a7:9b:51:b9
Certificate

Issuer

CN=VeriSign Time Stamping Services Signer - G2

Not Before

19/05/2011, 14:36

Not After

31/12/2039, 23:59

Subject

CN=ShenZhen Thunder Networking Technologies Ltd

47:b8:4b:b6:bb:42:e9:64:02:5b:fa:87:81:bd:54:0d:9a:d6:53:a5
Signer

Actual PE Digest

47:b8:4b:b6:bb:42:e9:64:02:5b:fa:87:81:bd:54:0d:9a:d6:53:a5

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=ShenZhen Thunder Networking Technologies Ltd

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
lstrcmpiA
GetCurrentProcess
ExitProcess
WinExec
WriteFile
CreateFileA
lstrcpyA
GetModuleFileNameA
CreateThread
GetCurrentThreadId
GetProcAddress
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
ReadFile
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
FindResourceA
LoadResource
GetWindowsDirectoryA
lstrcatA
SetFilePointer
CloseHandle
FreeResource
Sleep
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetLastError
IsBadReadPtr
IsBadCodePtr
FlushFileBuffers

user32

GetInputState
PostThreadMessageA
GetMessageA
PostMessageA
GetDesktopWindow
GetTopWindow
GetWindow
GetClassNameA
GetWindowTextA
ShowWindow
FindWindowExA

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

crypt32

CertAddCertificateContextToStore
CertCreateCertificateContext
CertOpenStore
CertOpenSystemStoreA

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa8a3ece031725b169d76df117d4c489

Code Sign

08:be:f3:f0:09:88:ef:b6:44:43:fe:2b:a7:9b:51:b9Certificate

47:b8:4b:b6:bb:42:e9:64:02:5b:fa:87:81:bd:54:0d:9a:d6:53:a5Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

crypt32

Sections

.text Size: 24KB - Virtual size: 23KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 15KB

.rsrc Size: 44KB - Virtual size: 41KB

08:be:f3:f0:09:88:ef:b6:44:43:fe:2b:a7:9b:51:b9
Certificate

47:b8:4b:b6:bb:42:e9:64:02:5b:fa:87:81:bd:54:0d:9a:d6:53:a5
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 24KB - Virtual size: 23KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 44KB - Virtual size: 41KB