94c9c6c19feda556a5229354394567456477702e904588399d2bfc1c057cad00 | Triage

Submit
Reports

Overview

overview

3

Static

static

94c9c6c19f...00.exe

windows7-x64

1

94c9c6c19f...00.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

94c9c6c19feda556a5229354394567456477702e904588399d2bfc1c057cad00.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

94c9c6c19feda556a5229354394567456477702e904588399d2bfc1c057cad00.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

General

Target

94c9c6c19feda556a5229354394567456477702e904588399d2bfc1c057cad00
Size

19KB
MD5

593693ef0ca02acb19c484677f3ecde6
SHA1

f9de4e94a3bc2ba6ff25d0e460ccecc4299f97c1
SHA256

94c9c6c19feda556a5229354394567456477702e904588399d2bfc1c057cad00
SHA512

5d641d243499dfa81c6445929033c67df26de78df6c4c5d6b3390ed7c1ad38e30f90eabacb610fd6ed0208e2a459c0edd2c54e752e42e0875311c3f526028660
SSDEEP

384:GDQg4Kwt3N0lh/7LSAj3Zk+kCTI+wrT0W3Is:1JKwT0lxiAmGI+KY

Score

N/A

Malware Config

Signatures

Files

94c9c6c19feda556a5229354394567456477702e904588399d2bfc1c057cad00
.exe windows x86

670b6c41e822c1578415690e72edf22d

Code Sign

3f:32:8c:cf:32:82:70:a3:44:91:d2:e8:77:2a:4e:55
Certificate

Issuer

CN=Orowaaqewiawiraa

Not Before

11/03/2012, 07:56

Not After

31/12/2039, 23:59

Subject

CN=Orowaaqewiawiraa

36:94:17:d5:4b:db:3e:dd:fb:b4:11:c5:57:38:8a:97:5f:79:d2:d7
Signer

Actual PE Digest

36:94:17:d5:4b:db:3e:dd:fb:b4:11:c5:57:38:8a:97:5f:79:d2:d7

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Orowaaqewiawiraa

01/12/2022, 14:35
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
Sleep
VirtualFree
LoadLibraryA

user32

ShowWindow
UpdateWindow
DispatchMessageA
RegisterClassExA
PostQuitMessage

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy