dbcff96244b33788280ee5fbb1e9ed15a96005af0bfb375a6b6817817d9508e5

Sharing

Copy URL Twitter E-mail

General

Target

dbcff96244b33788280ee5fbb1e9ed15a96005af0bfb375a6b6817817d9508e5
Size

179KB
MD5

41808a87d3238bd652558f8ccee582ef
SHA1

28a1b557c50ec167f01cfa254a742d538eda17ac
SHA256

dbcff96244b33788280ee5fbb1e9ed15a96005af0bfb375a6b6817817d9508e5
SHA512

2f4086844ee09b66a7bb784895f3c02d1e1600e94b018144f66d18f40c712f2b2111bb69265eb77a48ceb80428a38ef6e1f8852bdc7df7e298d757b96beb7403
SSDEEP

3072:q9txSWiZKE4IgjhO3np7MMwdyWPtoI+uvA8PY/YL60uMv4IjzJ3AVi:hbI1O3+RoACIjvA8OYLpuQBN3Qi

Score

N/A

Malware Config

Signatures

Files

dbcff96244b33788280ee5fbb1e9ed15a96005af0bfb375a6b6817817d9508e5
.exe windows x86

fbce3773a1f8ae211a8c4b2d666c7a7b

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

Issuer

CN=234g634gh3

Not Before

26/02/2012, 06:07

Not After

31/12/2039, 23:59

Subject

CN=234g634gh3

Extended Key Usages

ExtKeyUsageCodeSigning

37:33:f9:8f:d4:9d:dd:2f:80:90:58:89:1c:b7:8c:28:ab:89:06:1f
Signer

Actual PE Digest

37:33:f9:8f:d4:9d:dd:2f:80:90:58:89:1c:b7:8c:28:ab:89:06:1f

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=234g634gh3

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetProcAddress
LoadLibraryA
InterlockedCompareExchange

user32

DragObject
DrawCaption
DrawIcon
DrawTextExA
EditWndProc
EndTask
EnumDisplayMonitors
EnumDisplaySettingsA
EnumDisplaySettingsExW
EnumDisplaySettingsW
ExcludeUpdateRgn
FillRect
FindWindowA
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetClassInfoExA
GetClipboardSequenceNumber
GetDoubleClickTime
GetFocus
GetGUIThreadInfo
GetKBCodePage
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuItemID
GetMenuItemInfoW
GetMenuItemRect
GetMenuStringW
GetMonitorInfoA
GetScrollInfo
GetWindow
GetWindowInfo
GetWindowModuleFileName
GetWindowModuleFileNameW
GetWindowThreadProcessId
InSendMessage
InsertMenuA
InternalGetWindowText
IsCharAlphaNumericW
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsZoomed
LoadBitmapW
LoadCursorFromFileA
MessageBoxIndirectA
MessageBoxIndirectW
ModifyMenuA
MonitorFromWindow
OemKeyScan
OpenDesktopA
PackDDElParam
PeekMessageA
PostMessageW
RegisterClassExA
RegisterDeviceNotificationA
RemovePropA
ScreenToClient
SendMessageW
SetClassLongA
SetCursorPos
SetDlgItemInt
SetMenuItemInfoW
SetWindowTextW
SwapMouseButton
SystemParametersInfoW
UnpackDDElParam
UserHandleGrantAccess
VkKeyScanA
WinHelpW
wsprintfW
wvsprintfW
DispatchMessageA
DialogBoxIndirectParamW
DialogBoxIndirectParamA
DestroyMenu
DefFrameProcA
DdeSetQualityOfService
DdeQueryStringW
DdeKeepStringHandle
CreateWindowStationW
CreateWindowStationA
CreateDialogParamW
CreateCaret
CopyImage
CopyAcceleratorTableW
ChildWindowFromPointEx
CheckDlgButton
CharUpperBuffW
CharToOemBuffA
CharNextW
CallMsgFilter
AttachThreadInput

comdlg32

ChooseColorA
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
ChooseColorW

ole32

BindMoniker
CLIPFORMAT_UserMarshal
CLIPFORMAT_UserSize
CLSIDFromProgIDEx
CoCancelCall
CoCreateInstance
CoFileTimeToDosDateTime
CoGetCallerTID
CoGetCurrentLogicalThreadId
CoGetInterfaceAndReleaseStream
CoGetObjectContext
CoGetStdMarshalEx
CoInitialize
CoLoadLibrary
CoRegisterPSClsid
CoRegisterSurrogate
CoResumeClassObjects
CoRevertToSelf
CoRevokeMallocSpy
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoTestCancel
CoTreatAsClass
CoUninitialize
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateItemMoniker
CreateStdProgressIndicator
EnableHookObject
GetConvertStg
GetDocumentBitStg
GetHGlobalFromStream
GetHookInterface
HACCEL_UserMarshal
HBITMAP_UserUnmarshal
HBRUSH_UserSize
HDC_UserUnmarshal
HENHMETAFILE_UserSize
HGLOBAL_UserFree
HMENU_UserMarshal
HMENU_UserUnmarshal
HPALETTE_UserFree
HPALETTE_UserMarshal
HPALETTE_UserSize
HPALETTE_UserUnmarshal
HWND_UserUnmarshal
IsAccelerator
OleConvertIStorageToOLESTREAMEx
OleCreateEx
OleCreateFromData
OleCreateLink
OleCreateLinkEx
OleCreateStaticFromData
OleDraw
OleGetClipboard
OleGetIconOfClass
OleInitialize
OleLockRunning
OleRegEnumFormatEtc
OleRegEnumVerbs
OleRun
OleSetAutoConvert
OleSetClipboard
OleUninitialize
ProgIDFromCLSID
PropVariantCopy
ReadClassStg
ReadFmtUserTypeStg
RevokeDragDrop
SetDocumentBitStg
StgConvertVariantToProperty
StgCreateDocfile
StgCreatePropStg
StgCreateStorageEx
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenStorage
StgOpenStorageOnILockBytes
StgPropertyLengthAsVariant
StringFromCLSID
StringFromIID
WriteClassStm
WriteFmtUserTypeStg

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbce3773a1f8ae211a8c4b2d666c7a7b

Code Sign

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5aCertificate

Extended Key Usages

37:33:f9:8f:d4:9d:dd:2f:80:90:58:89:1c:b7:8c:28:ab:89:06:1fSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 1024B - Virtual size: 648B

.text6 Size: 1KB - Virtual size: 1KB

.text1 Size: 1024B - Virtual size: 1000B

.text2 Size: 1024B - Virtual size: 1000B

.text5 Size: 161KB - Virtual size: 160KB

.reloc Size: 2KB - Virtual size: 1KB

38:06:65:05:5d:a1:a8:bf:46:d4:2d:ba:b2:18:b6:5a
Certificate

37:33:f9:8f:d4:9d:dd:2f:80:90:58:89:1c:b7:8c:28:ab:89:06:1f
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 648B

.text6
Size: 1KB - Virtual size: 1KB

.text1
Size: 1024B - Virtual size: 1000B

.text2
Size: 1024B - Virtual size: 1000B

.text5
Size: 161KB - Virtual size: 160KB

.reloc
Size: 2KB - Virtual size: 1KB