d313e68e3ff9a808da4e87cc5d3327e191072bf866f090fcc979d11940f002c6

Sharing

Copy URL Twitter E-mail

General

Target

d313e68e3ff9a808da4e87cc5d3327e191072bf866f090fcc979d11940f002c6
Size

294KB
MD5

8ffd21b7f15a7d4ff8b434f1bb19e20c
SHA1

bcab93df9f4c9a728257af841f2c200df511d85b
SHA256

d313e68e3ff9a808da4e87cc5d3327e191072bf866f090fcc979d11940f002c6
SHA512

968a0e80bda369cf057499b0594bdf5603341e5c47451e5a4411bef0ce30ded10c7e105ae49c29943f24631eb5148aae69e5e15de7f3ea7420adfc87b79be2e9
SSDEEP

6144:8gOBMB7FAFJh6ydWE519wGajkc9Yw3+MXZBB8alTRTLsl8:8Rq7FAsyD5wGa7OMJBBj3Xsl8

Score

N/A

Malware Config

Signatures

Files

d313e68e3ff9a808da4e87cc5d3327e191072bf866f090fcc979d11940f002c6
.exe windows x86

5e488279a200b306827e03f34b24dc2a

Code Sign

2e:7f:3e:11:b8:42:8f:84:4d:d0:47:71:2d:94:57:be
Certificate

Issuer

CN=f2351f23g

Not Before

05/03/2012, 08:03

Not After

31/12/2039, 23:59

Subject

CN=f2351f23g

Extended Key Usages

ExtKeyUsageCodeSigning

21:d6:81:89:46:2a:97:59:23:be:73:db:c5:14:3a:ab:72:3e:b3:69
Signer

Actual PE Digest

21:d6:81:89:46:2a:97:59:23:be:73:db:c5:14:3a:ab:72:3e:b3:69

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=f2351f23g

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA

advapi32

RegOpenKeyExA

shell32

SHGetDataFromIDListA
DoEnvironmentSubstW
ExtractIconEx
Shell_NotifyIconW
SHGetSpecialFolderPathA
ExtractIconW
SHGetPathFromIDListW
ExtractIconExW
SHBrowseForFolderA
SHGetPathFromIDListA
SHAddToRecentDocs
SHBrowseForFolder
ShellExecuteA
SHGetDiskFreeSpaceExW
DoEnvironmentSubstA
SHGetDesktopFolder
SHGetFileInfoW
ExtractAssociatedIconW
SHFileOperationW
DragQueryFile
SHAppBarMessage
SHFreeNameMappings
SHGetFolderPathW
SHPathPrepareForWriteW
DragQueryFileAorW
SHGetSpecialFolderPathW
SHPathPrepareForWriteA
ShellAboutA
DragQueryPoint
SHCreateProcessAsUserW
ExtractAssociatedIconA
SHGetIconOverlayIndexA
ShellAboutW
SHEmptyRecycleBinW
SHGetSpecialFolderLocation
ShellExecuteExW
ExtractAssociatedIconExA
Shell_NotifyIcon
WOWShellExecute
SHGetInstanceExplorer
ShellExecuteEx
SHGetDataFromIDListW
SHLoadNonloadedIconOverlayIdentifiers
FindExecutableA
CheckEscapesW
SHCreateDirectoryExW
ExtractIconExA
SHBindToParent
SHEmptyRecycleBinA
DragAcceptFiles
CommandLineToArgvW
SHGetIconOverlayIndexW
SHGetDiskFreeSpaceA
SHGetFileInfo
ExtractIconA
SHFormatDrive

shlwapi

StrChrIA
StrChrW
StrCmpNW
StrRStrIA
StrStrIA
StrRChrIW
StrChrIW
StrChrA
StrCmpNIW
StrRChrIA
StrCmpNA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textx1
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textx2
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e488279a200b306827e03f34b24dc2a

Code Sign

2e:7f:3e:11:b8:42:8f:84:4d:d0:47:71:2d:94:57:beCertificate

Extended Key Usages

21:d6:81:89:46:2a:97:59:23:be:73:db:c5:14:3a:ab:72:3e:b3:69Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

shlwapi

Sections

.text Size: 2KB - Virtual size: 2KB

.textx1 Size: 276KB - Virtual size: 276KB

.data Size: 2KB - Virtual size: 2KB

.textx2 Size: 512B - Virtual size: 400B

.rsrc Size: 9KB - Virtual size: 9KB

.reloc Size: 512B - Virtual size: 452B

2e:7f:3e:11:b8:42:8f:84:4d:d0:47:71:2d:94:57:be
Certificate

21:d6:81:89:46:2a:97:59:23:be:73:db:c5:14:3a:ab:72:3e:b3:69
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 2KB - Virtual size: 2KB

.textx1
Size: 276KB - Virtual size: 276KB

.data
Size: 2KB - Virtual size: 2KB

.textx2
Size: 512B - Virtual size: 400B

.rsrc
Size: 9KB - Virtual size: 9KB

.reloc
Size: 512B - Virtual size: 452B