e8387f6311c38884a12464158df1f71aafcec7baa6276139b45d58f7bdb06777

Sharing

Copy URL Twitter E-mail

General

Target

e8387f6311c38884a12464158df1f71aafcec7baa6276139b45d58f7bdb06777
Size

436KB
MD5

c259e6f55f2be7736b68d97d9073e6cc
SHA1

48b397f6f3673176d15c057d48f9be00cb03798d
SHA256

e8387f6311c38884a12464158df1f71aafcec7baa6276139b45d58f7bdb06777
SHA512

f972b92c020f1a66cd4a237f0485685cd3a0f601f955c5ef4e7b77d767c57fc6d8897e69c4d8380e39b44f660b234e6a0f2fb66ebe36b2ade04a39e0578edde0
SSDEEP

12288:WAam7FhuPPvZxufX2mgpM6d1JKLu+WT1Jj2vMA:WRm7FhuP3ZE/239PcXWT1J8MA

Score

N/A

Malware Config

Signatures

Files

e8387f6311c38884a12464158df1f71aafcec7baa6276139b45d58f7bdb06777
.exe windows x86

710fd3224a07fe92a6ca70d9ee4aa95f

Code Sign

78:e6:31:bf:f4:f4:60:63:b5:de:d2:51:91:90:f9:ce
Certificate

Issuer

CN=utlngwjtatf

Not Before

07/01/2012, 10:36

Not After

09/09/2023, 22:00

Subject

CN=Hernolu

2e:69:4c:ff:a0:7c:75:36:b8:ae:e7:12:0f:1a:ac:80:2a:6c:ed:52
Signer

Actual PE Digest

2e:69:4c:ff:a0:7c:75:36:b8:ae:e7:12:0f:1a:ac:80:2a:6c:ed:52

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleConvertOLESTREAMToIStorage

oleaut32

OleSavePictureFile

kernel32

GetCurrentThreadId
GetStringTypeA
LCMapStringW
LCMapStringA
GetStartupInfoA
TlsGetValue
GetProcAddress
GetFileType
TlsSetValue
GetCommandLineA
GetModuleHandleA
VirtualAlloc
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeW
TlsAlloc
SetLastError
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cqqzs
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.noqsuu
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

710fd3224a07fe92a6ca70d9ee4aa95f

Code Sign

78:e6:31:bf:f4:f4:60:63:b5:de:d2:51:91:90:f9:ceCertificate

2e:69:4c:ff:a0:7c:75:36:b8:ae:e7:12:0f:1a:ac:80:2a:6c:ed:52Signer

Signature Validations

Verification

01/01/0001, 00:00 Valid: false

Headers

File Characteristics

Imports

ole32

oleaut32

kernel32

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 89KB

.cqqzs Size: 285KB - Virtual size: 284KB

.noqsuu Size: 118KB - Virtual size: 117KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 2KB

78:e6:31:bf:f4:f4:60:63:b5:de:d2:51:91:90:f9:ce
Certificate

2e:69:4c:ff:a0:7c:75:36:b8:ae:e7:12:0f:1a:ac:80:2a:6c:ed:52
Signer

01/01/0001, 00:00
Valid: false

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 89KB

.cqqzs
Size: 285KB - Virtual size: 284KB

.noqsuu
Size: 118KB - Virtual size: 117KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 2KB