b136eb1c3ef6c873150a020cf07e6190a03b3a1f696ba44d7831b8756d1f59a4

Sharing

Copy URL Twitter E-mail

General

Target

b136eb1c3ef6c873150a020cf07e6190a03b3a1f696ba44d7831b8756d1f59a4
Size

190KB
MD5

a1834e156229d1124e728a2fe3871427
SHA1

5c47a0784d823315cd678ab7cdbd5fc30fecc63d
SHA256

b136eb1c3ef6c873150a020cf07e6190a03b3a1f696ba44d7831b8756d1f59a4
SHA512

8cd0451eafae22cace95963e8d3e604d3b8bec1c4833bd0c80f79d19403a3fa892c9014945f3eca3561e0d30126678f3647ef974dd626072ad6b6d9d08d7822e
SSDEEP

3072:Hi97HJLI3YI/TRdoNf8CUjTnVgM6mjLLWb:C927vTVvDfLo

Score

N/A

Malware Config

Signatures

Files

b136eb1c3ef6c873150a020cf07e6190a03b3a1f696ba44d7831b8756d1f59a4
.exe windows x86

09856ea049ee0244c3e890c703547110

Code Sign

13:a7:f4:23:87:fb:13:64:bb:28:28:26:52:ba:b1:bf
Certificate

Issuer

CN=341235221341228966292465999492447398695844727979223929433914174169461853293559324913756452688926312923675437232614221361649636752161156752413489436552

Not Before

13/07/2012, 07:49

Not After

31/12/2039, 23:59

Subject

CN=341235221341228966292465999492447398695844727979223929433914174169461853293559324913756452688926312923675437232614221361649636752161156752413489436552

Extended Key Usages

ExtKeyUsageCodeSigning

0d:12:84:53:4d:de:49:96:b5:ec:63:e3:d4:14:fb:21:d4:0d:3f:9e
Signer

Actual PE Digest

0d:12:84:53:4d:de:49:96:b5:ec:63:e3:d4:14:fb:21:d4:0d:3f:9e

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=341235221341228966292465999492447398695844727979223929433914174169461853293559324913756452688926312923675437232614221361649636752161156752413489436552

01/12/2022, 14:35
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GetWindowsDirectoryW
lstrcatW
CreateFileW
VirtualAllocEx
GetModuleHandleA
GetProcAddress

user32

LoadIconA

advapi32

RegOpenKeyW
RegCloseKey

Sections

.text
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09856ea049ee0244c3e890c703547110

Code Sign

13:a7:f4:23:87:fb:13:64:bb:28:28:26:52:ba:b1:bfCertificate

Extended Key Usages

0d:12:84:53:4d:de:49:96:b5:ec:63:e3:d4:14:fb:21:d4:0d:3f:9eSigner

Signature Validations

Verification

01/12/2022, 14:35 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 142KB - Virtual size: 141KB

.data Size: 40KB - Virtual size: 40KB

.data6 Size: 1024B - Virtual size: 1000B

.data5 Size: 1024B - Virtual size: 1000B

.data4 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.data2 Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 220B

13:a7:f4:23:87:fb:13:64:bb:28:28:26:52:ba:b1:bf
Certificate

0d:12:84:53:4d:de:49:96:b5:ec:63:e3:d4:14:fb:21:d4:0d:3f:9e
Signer

01/12/2022, 14:35
Valid: false

.text
Size: 142KB - Virtual size: 141KB

.data
Size: 40KB - Virtual size: 40KB

.data6
Size: 1024B - Virtual size: 1000B

.data5
Size: 1024B - Virtual size: 1000B

.data4
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.data2
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 220B