f61642ba4317cc826ea2a30729f35d866f95d36fb260fadc63b5041f9a44deb9

Sharing

Copy URL Twitter E-mail

General

Target

f61642ba4317cc826ea2a30729f35d866f95d36fb260fadc63b5041f9a44deb9
Size

310KB
MD5

52c1f7987d707f428f26b86fa9b3b55a
SHA1

0cb720f9bc615dde1af961ba688dc20df24091ce
SHA256

f61642ba4317cc826ea2a30729f35d866f95d36fb260fadc63b5041f9a44deb9
SHA512

950191bf583444b0e23711dcb9548c2faabd83cef8a3a9f895a15d0b747c3c7ae913ad9f0bad7f213925c4fc242694002accbacff9b1f80943e93b862144955b
SSDEEP

6144:RwTTuBHg4DQC6ziRo0sYXkBDm5TsCQIaNEN4xxgBGixuqFsE6a3:aYHpF6K1d0UIIaNniBGnq+na3

Score

N/A

Malware Config

Signatures

Files

f61642ba4317cc826ea2a30729f35d866f95d36fb260fadc63b5041f9a44deb9
.exe windows x86

990e1e166daa6313ddd8764b5bbaa95c

Code Sign

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:ee
Certificate

Issuer

CN=23612

Not Before

03/02/2012, 15:38

Not After

31/12/2039, 23:59

Subject

CN=23612

Extended Key Usages

ExtKeyUsageCodeSigning

ad:31:d8:36:3d:06:83:ad:0b:80:9f:c3:79:19:01:31:6a:d1:a1:e4
Signer

Actual PE Digest

ad:31:d8:36:3d:06:83:ad:0b:80:9f:c3:79:19:01:31:6a:d1:a1:e4

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=23612

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VirtualAlloc

user32

LoadIconW

advapi32

RegOpenKeyExW

shlwapi

SHRegEnumUSValueA
PathMakeSystemFolderA
PathSetDlgItemPathA
SHRegGetBoolUSValueW
SHRegSetUSValueW
SHRegWriteUSValueA
PathAddExtensionA
ord16

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

990e1e166daa6313ddd8764b5bbaa95c

Code Sign

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:eeCertificate

Extended Key Usages

ad:31:d8:36:3d:06:83:ad:0b:80:9f:c3:79:19:01:31:6a:d1:a1:e4Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 303KB - Virtual size: 302KB

.data Size: 1024B - Virtual size: 640B

.text5 Size: 512B - Virtual size: 32B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 164B

51:64:c3:9c:dc:c6:fc:95:42:d7:cd:5c:bf:8d:64:ee
Certificate

ad:31:d8:36:3d:06:83:ad:0b:80:9f:c3:79:19:01:31:6a:d1:a1:e4
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 303KB - Virtual size: 302KB

.data
Size: 1024B - Virtual size: 640B

.text5
Size: 512B - Virtual size: 32B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 164B