Static task: static1
Behavioral task: behavioral1
Sample: 9d4643501b7eebf75e4933b59ce0308d8507f28ee305581563ae52be6dd9a24d.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 9d4643501b7eebf75e4933b59ce0308d8507f28ee305581563ae52be6dd9a24d.exe
Resource: win10v2004-20220901-en
General
Target: 9d4643501b7eebf75e4933b59ce0308d8507f28ee305581563ae52be6dd9a24d
Size: 27KB
MD5: 0f54a2cc05da33362187b695bdc39637
SHA1: d825cfcbff13de2ecf7e9ca3bb1194a89b57a78c
SHA256: 9d4643501b7eebf75e4933b59ce0308d8507f28ee305581563ae52be6dd9a24d
SHA512: 2acd8cb19ab092e9fb2a422a74c29c4f3e452ff613c8c5038e31c3ddda687ec77c93dd97d2009b7033b3f61177d6eb452113357e44a19730b0bf95f7f5afbc30
SSDEEP: 768:lzus97usM9S6mAzbMIdgQZgFOcxvBr4TeCZ:ws9Ks2DkWgQ2FOeqyG
Files
9d4643501b7eebf75e4933b59ce0308d8507f28ee305581563ae52be6dd9a24d.exe windows x86
Code Sign
11:af:28:14:42:7f:82:ba:46:04:40:ca:66:6c:74:95
Certificate
Issuer: CN=Qizhi Software (beijing) Co. Ltd
Not Before: 31/12/2007, 16:00
Not After: 31/12/9998, 16:00
Subject: CN=Qizhi Software (beijing) Co. Ltd
04:98:df:7e:d8:76:2d:c4:73:22:db:1b:11:a1:c6:c5:1a:56:56:fc
Signer
Actual PE Digest: 04:98:df:7e:d8:76:2d:c4:73:22:db:1b:11:a1:c6:c5:1a:56:56:fc
Digest Algorithm: sha1
PE Digest Matches: false
Signature Validations
Trusted: false
Verification
Signing Certificate: CN=Qizhi Software (beijing) Co. Ltd
01/12/2022, 14:34 Valid: false
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.text Size: 25KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
[undecodable section name] Size: 40B - Virtual size: 40B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE