b2d0218bafb5d97e66fe6eb04a474cfd4182b43fb834db9617516c6af761a176

Sharing

Copy URL Twitter E-mail

General

Target

b2d0218bafb5d97e66fe6eb04a474cfd4182b43fb834db9617516c6af761a176
Size

708KB
MD5

d73acc9caeb1c5d09e167226136e223a
SHA1

f176c8ccfb62993c8c82db26ef7ac8ed2242f0ff
SHA256

b2d0218bafb5d97e66fe6eb04a474cfd4182b43fb834db9617516c6af761a176
SHA512

a1aceb0f7cd620ac80217141b3fd5399c23c27b236e40ea74a08ce1b39aaeafda16b7eb28d524d3739af5cf8979c2eeb43e2459f6b2bfb6db6b5fbe721c62641
SSDEEP

12288:tgspubTvfMT5Z95pzUUMgqlu64Z4KclmQRi0G60jAmvb9oThkLQRWlX/xd:bpuvv0T555UUMvaZ4KKmj0pLiu2Ug

Score

N/A

Malware Config

Signatures

Files

b2d0218bafb5d97e66fe6eb04a474cfd4182b43fb834db9617516c6af761a176
.exe windows x64

012eee0484aa566e2794f28b4c269f9b

Code Sign

37:78:56:78:a4:ca:b2:a8:48:92:d2:fd:fc:db:c8:62
Certificate

Issuer

CN=Acer Nitro 5 AN517-52 [AN517-52-77M3]

Not Before

02/12/2022, 14:23

Not After

03/12/2032, 14:23

Subject

CN=Acer Nitro 5 AN517-52 [AN517-52-77M3]

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:1c:54:a9:90:43:7e:9a:97:8a:a4:34:4a:6d:4a:13:ae:4e:b3:2a:d3:34:95:b7:7b:81:0f:d0:69:40:af:49
Signer

Actual PE Digest

11:1c:54:a9:90:43:7e:9a:97:8a:a4:34:4a:6d:4a:13:ae:4e:b3:2a:d3:34:95:b7:7b:81:0f:d0:69:40:af:49

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Acer Nitro 5 AN517-52 [AN517-52-77M3]

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

ShellAboutA

mscoree

_CorExeMain

advapi32

RegQueryValueA

user32

WaitMessage

kernel32

GetModuleHandleA

Sections

Size: - Virtual size: 878KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

012eee0484aa566e2794f28b4c269f9b

Code Sign

37:78:56:78:a4:ca:b2:a8:48:92:d2:fd:fc:db:c8:62Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

11:1c:54:a9:90:43:7e:9a:97:8a:a4:34:4a:6d:4a:13:ae:4e:b3:2a:d3:34:95:b7:7b:81:0f:d0:69:40:af:49Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

shell32

mscoree

advapi32

user32

kernel32

Sections

Size: - Virtual size: 878KB

.rsrc Size: 115KB - Virtual size: 115KB

Size: 102KB - Virtual size: 101KB

37:78:56:78:a4:ca:b2:a8:48:92:d2:fd:fc:db:c8:62
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

11:1c:54:a9:90:43:7e:9a:97:8a:a4:34:4a:6d:4a:13:ae:4e:b3:2a:d3:34:95:b7:7b:81:0f:d0:69:40:af:49
Signer

01/12/2022, 14:34
Valid: false

.rsrc
Size: 115KB - Virtual size: 115KB