cd66b7d8c53d4fd8cb350fa383ed9490d587aaf167f62ce389af58f7f6d0b037

Sharing

Copy URL Twitter E-mail

General

Target

cd66b7d8c53d4fd8cb350fa383ed9490d587aaf167f62ce389af58f7f6d0b037
Size

288KB
MD5

a5313e9ea33e91032a09e4297d8f821b
SHA1

ab8cb088e6dcd346f4b8375996f709f76ef89270
SHA256

cd66b7d8c53d4fd8cb350fa383ed9490d587aaf167f62ce389af58f7f6d0b037
SHA512

10eee0bb2e80dd1ae10ef3fc3ca1863ce2b3ef86cf805122d041f712eca63afe8b6b6a230ebe9029949ae77d0af42865032621da091d2e5d42876432dba958ec
SSDEEP

6144:PQgPMjj2UoEA4fE9vbppCJz1BfsR/5CEIHK3j/:IgEjj274clQJYdK0r

Score

N/A

Malware Config

Signatures

Files

cd66b7d8c53d4fd8cb350fa383ed9490d587aaf167f62ce389af58f7f6d0b037
.exe windows x86

601db19cceb9d822e7c42d46e21abb91

Code Sign

2b:3e:ce:43:49:e5:e9:bb:43:b8:1f:91:45:53:d4:b0
Certificate

Issuer

CN=jhjkkkkkkkkkkkkkkkkkkkkkkkkkkkk D6Fe16q4yMwpwCc pDKmCrkt5LukAMDaGED6nGnnaI1fnc3awGGlpJ uEuGMoEgki5JJr ueJLL4AaJduLmifzInbyGbx4lzL395Do pAdnto8n9g2ICirqyFxAvhLqxGdp15LsAnH9hluIjIJrGsKAhru4ueHEhHm3w6r8 DGd2CBqsye m4dMFakcfL2mhycKi6udeaoIpc4h7bHEAzDg89wyBq2q42h33qrjmKisgefhHeGfkCzrq84H696Jjncl2n7EgeppEE n14v94KDba7FJbwHcdrbtaLfGirpjifg52JBsDw47s9gHlI7HaFffIDAvsa1hM8rvuGB1E6eJ qmA4k4 mkhjleICmAgajk8gi3io5BB6Eu fz15f4qBaLbjnF9bi5m7nr6ysmarBMoIotGK6rzp6jB1yAsKCmog3ecbjBvJvd8Hl8gbgswaEKpfhc7s4a8kKKkDCmaCLv71xFh71ckCJs3rftJ4cH9qsfH9FF51DaD1pt7HLoptM4ubtLH8jI2idlqqB8dd1kbq5Fpa928r C3gkx6wBgq9s2gg2Kb1Ja8iMD67hE4Kvg9aGhC1h6bhDEolJGgsIJyc4Eg I3EmjGqjFAmqt12cann7h8GqzL5Ar3es9Hwi4nK4F3salM lCAIhn86ta 6FC9Ecuocpa5Iq6wK2MhmCg2tmIiCGCnx9cIyyfJ2fsnxGjBg97mBdi4umrx1oqm2waHiAMtoCr1GG5txMLyDBimam4Ma2uD5biuFctIcokEgrlAM9jkCC3w6hmflCF6Gf7ouaHfKuI2n3uCbLr6drM7h43mjr5KGjpp7yfm3 bjjgCav4chILhHEbyJ aKz6z4qp6HfI1Ej8Eduro5evuM5r74329g43g5mKGlKqKlexBj2vxMHAB2KDzgBt86axGiKfFn44GDtirjz8rBJCqew6sMcCyff3p7sj4ouKMBApooIxJk8vCJmDD bkLrByHlz1tCnJ a8pyFG9Lm6yM6L2gzocjptm 4stAq43rcGzntd1bxq5hIE6xoz42dJnCiMIz9qpGeMhe5A6wepv 2yhDzsc HEtCaudCFKIeM sBr3csahuw5m4Au4z5keInEBIKDx53mEmt3Gl8BxMulGJDBKMy3otyMhl8Fvd9cbAqxtac2IvG 5wlfhtFAvM32AEKqHp5ig9lpz8Lmhbv2sJc3d1x3iepjArLFxAmfMIb4dH6rIFLsyxeLziuh44tmstmeomnMvcIIw hcIJ7JG8K rHd4rDk Hv5Hbdk4r9tc47mgJkIjKxLM1nbq8sKm2HgpGGqt8rmKK32gB2vl7lr1KAkFlu5h agx1 7xruz8xBwgn9mp1 bB27EDptKu9bnBpdc3rj1yAKdMop7F4f9Ctnra9lz6Icy6KEeg9HJCAkqe KjurMIqwBzx8l5fAeMADnjjw53geeM4yd89KrICEjtpfgrB6ekH ezy7u9lHwyl2dn4M3Bl3zoEra6jdFLaescvvj9KC8hwJjsh3xpqF7Dvrvg62enkD5zaIEspJxap4881wnlyBsDCzpnb5yxDqBuKna9zcLJ263gfD1HA2sx5FanIF3ii5fc39uaHr x2gIMssqx tnmFDmiyDEnIkt1Jw4HJ78fsi3CLwcMC22G1vjB7h2IBh 96CainkiM9Jtp D2hIo6qJpt4J1d25L6jcLbcAGadI2d95Ed1BKFIuzEcy7zLyDewfrJJoMpfMnmpBqku5Fujz9Fmjlag7nu8wnHzdw965qwDvAeIxrxbKMmf1bxru2sFthMDo8fKgMgefMgHJGc11fkq7EFjpqgAGskdw7Kgz24tq1ibmFfgqlqutuJ1bFlIwuxHfEbetrgmIt1ArAx1xh33j8tzrF88v 4calzudBGt9cGnGcJ9ogtHiyG1q5Fi9Fm9cvb4yhHID4m6LpgHmM2igC aaaaaaaaaaaaaaaaaaaaaaaaaa

Not Before

11/01/2013, 12:30

Not After

31/12/2039, 23:59

Subject

CN=jhjkkkkkkkkkkkkkkkkkkkkkkkkkkkk D6Fe16q4yMwpwCc pDKmCrkt5LukAMDaGED6nGnnaI1fnc3awGGlpJ uEuGMoEgki5JJr ueJLL4AaJduLmifzInbyGbx4lzL395Do pAdnto8n9g2ICirqyFxAvhLqxGdp15LsAnH9hluIjIJrGsKAhru4ueHEhHm3w6r8 DGd2CBqsye m4dMFakcfL2mhycKi6udeaoIpc4h7bHEAzDg89wyBq2q42h33qrjmKisgefhHeGfkCzrq84H696Jjncl2n7EgeppEE n14v94KDba7FJbwHcdrbtaLfGirpjifg52JBsDw47s9gHlI7HaFffIDAvsa1hM8rvuGB1E6eJ qmA4k4 mkhjleICmAgajk8gi3io5BB6Eu fz15f4qBaLbjnF9bi5m7nr6ysmarBMoIotGK6rzp6jB1yAsKCmog3ecbjBvJvd8Hl8gbgswaEKpfhc7s4a8kKKkDCmaCLv71xFh71ckCJs3rftJ4cH9qsfH9FF51DaD1pt7HLoptM4ubtLH8jI2idlqqB8dd1kbq5Fpa928r C3gkx6wBgq9s2gg2Kb1Ja8iMD67hE4Kvg9aGhC1h6bhDEolJGgsIJyc4Eg I3EmjGqjFAmqt12cann7h8GqzL5Ar3es9Hwi4nK4F3salM lCAIhn86ta 6FC9Ecuocpa5Iq6wK2MhmCg2tmIiCGCnx9cIyyfJ2fsnxGjBg97mBdi4umrx1oqm2waHiAMtoCr1GG5txMLyDBimam4Ma2uD5biuFctIcokEgrlAM9jkCC3w6hmflCF6Gf7ouaHfKuI2n3uCbLr6drM7h43mjr5KGjpp7yfm3 bjjgCav4chILhHEbyJ aKz6z4qp6HfI1Ej8Eduro5evuM5r74329g43g5mKGlKqKlexBj2vxMHAB2KDzgBt86axGiKfFn44GDtirjz8rBJCqew6sMcCyff3p7sj4ouKMBApooIxJk8vCJmDD bkLrByHlz1tCnJ a8pyFG9Lm6yM6L2gzocjptm 4stAq43rcGzntd1bxq5hIE6xoz42dJnCiMIz9qpGeMhe5A6wepv 2yhDzsc HEtCaudCFKIeM sBr3csahuw5m4Au4z5keInEBIKDx53mEmt3Gl8BxMulGJDBKMy3otyMhl8Fvd9cbAqxtac2IvG 5wlfhtFAvM32AEKqHp5ig9lpz8Lmhbv2sJc3d1x3iepjArLFxAmfMIb4dH6rIFLsyxeLziuh44tmstmeomnMvcIIw hcIJ7JG8K rHd4rDk Hv5Hbdk4r9tc47mgJkIjKxLM1nbq8sKm2HgpGGqt8rmKK32gB2vl7lr1KAkFlu5h agx1 7xruz8xBwgn9mp1 bB27EDptKu9bnBpdc3rj1yAKdMop7F4f9Ctnra9lz6Icy6KEeg9HJCAkqe KjurMIqwBzx8l5fAeMADnjjw53geeM4yd89KrICEjtpfgrB6ekH ezy7u9lHwyl2dn4M3Bl3zoEra6jdFLaescvvj9KC8hwJjsh3xpqF7Dvrvg62enkD5zaIEspJxap4881wnlyBsDCzpnb5yxDqBuKna9zcLJ263gfD1HA2sx5FanIF3ii5fc39uaHr x2gIMssqx tnmFDmiyDEnIkt1Jw4HJ78fsi3CLwcMC22G1vjB7h2IBh 96CainkiM9Jtp D2hIo6qJpt4J1d25L6jcLbcAGadI2d95Ed1BKFIuzEcy7zLyDewfrJJoMpfMnmpBqku5Fujz9Fmjlag7nu8wnHzdw965qwDvAeIxrxbKMmf1bxru2sFthMDo8fKgMgefMgHJGc11fkq7EFjpqgAGskdw7Kgz24tq1ibmFfgqlqutuJ1bFlIwuxHfEbetrgmIt1ArAx1xh33j8tzrF88v 4calzudBGt9cGnGcJ9ogtHiyG1q5Fi9Fm9cvb4yhHID4m6LpgHmM2igC aaaaaaaaaaaaaaaaaaaaaaaaaa

Extended Key Usages

ExtKeyUsageCodeSigning

fc:0c:68:06:29:be:02:bd:b0:fe:9a:80:d2:be:21:f0:cb:f6:ec:ae
Signer

Actual PE Digest

fc:0c:68:06:29:be:02:bd:b0:fe:9a:80:d2:be:21:f0:cb:f6:ec:ae

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=jhjkkkkkkkkkkkkkkkkkkkkkkkkkkkk D6Fe16q4yMwpwCc pDKmCrkt5LukAMDaGED6nGnnaI1fnc3awGGlpJ uEuGMoEgki5JJr ueJLL4AaJduLmifzInbyGbx4lzL395Do pAdnto8n9g2ICirqyFxAvhLqxGdp15LsAnH9hluIjIJrGsKAhru4ueHEhHm3w6r8 DGd2CBqsye m4dMFakcfL2mhycKi6udeaoIpc4h7bHEAzDg89wyBq2q42h33qrjmKisgefhHeGfkCzrq84H696Jjncl2n7EgeppEE n14v94KDba7FJbwHcdrbtaLfGirpjifg52JBsDw47s9gHlI7HaFffIDAvsa1hM8rvuGB1E6eJ qmA4k4 mkhjleICmAgajk8gi3io5BB6Eu fz15f4qBaLbjnF9bi5m7nr6ysmarBMoIotGK6rzp6jB1yAsKCmog3ecbjBvJvd8Hl8gbgswaEKpfhc7s4a8kKKkDCmaCLv71xFh71ckCJs3rftJ4cH9qsfH9FF51DaD1pt7HLoptM4ubtLH8jI2idlqqB8dd1kbq5Fpa928r C3gkx6wBgq9s2gg2Kb1Ja8iMD67hE4Kvg9aGhC1h6bhDEolJGgsIJyc4Eg I3EmjGqjFAmqt12cann7h8GqzL5Ar3es9Hwi4nK4F3salM lCAIhn86ta 6FC9Ecuocpa5Iq6wK2MhmCg2tmIiCGCnx9cIyyfJ2fsnxGjBg97mBdi4umrx1oqm2waHiAMtoCr1GG5txMLyDBimam4Ma2uD5biuFctIcokEgrlAM9jkCC3w6hmflCF6Gf7ouaHfKuI2n3uCbLr6drM7h43mjr5KGjpp7yfm3 bjjgCav4chILhHEbyJ aKz6z4qp6HfI1Ej8Eduro5evuM5r74329g43g5mKGlKqKlexBj2vxMHAB2KDzgBt86axGiKfFn44GDtirjz8rBJCqew6sMcCyff3p7sj4ouKMBApooIxJk8vCJmDD bkLrByHlz1tCnJ a8pyFG9Lm6yM6L2gzocjptm 4stAq43rcGzntd1bxq5hIE6xoz42dJnCiMIz9qpGeMhe5A6wepv 2yhDzsc HEtCaudCFKIeM sBr3csahuw5m4Au4z5keInEBIKDx53mEmt3Gl8BxMulGJDBKMy3otyMhl8Fvd9cbAqxtac2IvG 5wlfhtFAvM32AEKqHp5ig9lpz8Lmhbv2sJc3d1x3iepjArLFxAmfMIb4dH6rIFLsyxeLziuh44tmstmeomnMvcIIw hcIJ7JG8K rHd4rDk Hv5Hbdk4r9tc47mgJkIjKxLM1nbq8sKm2HgpGGqt8rmKK32gB2vl7lr1KAkFlu5h agx1 7xruz8xBwgn9mp1 bB27EDptKu9bnBpdc3rj1yAKdMop7F4f9Ctnra9lz6Icy6KEeg9HJCAkqe KjurMIqwBzx8l5fAeMADnjjw53geeM4yd89KrICEjtpfgrB6ekH ezy7u9lHwyl2dn4M3Bl3zoEra6jdFLaescvvj9KC8hwJjsh3xpqF7Dvrvg62enkD5zaIEspJxap4881wnlyBsDCzpnb5yxDqBuKna9zcLJ263gfD1HA2sx5FanIF3ii5fc39uaHr x2gIMssqx tnmFDmiyDEnIkt1Jw4HJ78fsi3CLwcMC22G1vjB7h2IBh 96CainkiM9Jtp D2hIo6qJpt4J1d25L6jcLbcAGadI2d95Ed1BKFIuzEcy7zLyDewfrJJoMpfMnmpBqku5Fujz9Fmjlag7nu8wnHzdw965qwDvAeIxrxbKMmf1bxru2sFthMDo8fKgMgefMgHJGc11fkq7EFjpqgAGskdw7Kgz24tq1ibmFfgqlqutuJ1bFlIwuxHfEbetrgmIt1ArAx1xh33j8tzrF88v 4calzudBGt9cGnGcJ9ogtHiyG1q5Fi9Fm9cvb4yhHID4m6LpgHmM2igC aaaaaaaaaaaaaaaaaaaaaaaaaa

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDiskFreeSpaceA
GetFileSize
GetLastError
GetLocalTime
GetLocaleInfoA
GetOEMCP
GetSystemTime
HeapAlloc
HeapFree
HeapReAlloc
InterlockedExchange
LoadLibraryA
RtlUnwind
GetCPInfo
SetFilePointer
SystemTimeToFileTime
TlsSetValue
VirtualAlloc
VirtualFree
VirtualQuery
WriteFile
lstrcmpA
lstrcmpiA
lstrlenA
ReadFile
CloseHandle
GetACP
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CreateFileA
CreateDirectoryA
SetEndOfFile

user32

GetParent
GetWindowRect
IsDialogMessageA
IsDlgButtonChecked
LoadStringA
MessageBoxA
OffsetRect
PeekMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetWindowPos
ShowWindow
SystemParametersInfoA
TranslateMessage
GetDlgItem
GetDesktopWindow
EndDialog
DispatchMessageA
DialogBoxParamA
DestroyWindow
CreateDialogParamA
CheckDlgButton
CharPrevA

advapi32

RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegOverridePredefKey
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

601db19cceb9d822e7c42d46e21abb91

Code Sign

2b:3e:ce:43:49:e5:e9:bb:43:b8:1f:91:45:53:d4:b0Certificate

Extended Key Usages

fc:0c:68:06:29:be:02:bd:b0:fe:9a:80:d2:be:21:f0:cb:f6:ec:aeSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 267KB - Virtual size: 267KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 360B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.rsrc Size: 3KB - Virtual size: 2KB

2b:3e:ce:43:49:e5:e9:bb:43:b8:1f:91:45:53:d4:b0
Certificate

fc:0c:68:06:29:be:02:bd:b0:fe:9a:80:d2:be:21:f0:cb:f6:ec:ae
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 267KB - Virtual size: 267KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 360B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.rsrc
Size: 3KB - Virtual size: 2KB