6685f11a3c1fc098fa7d1097d09d417ed4051a654f99acf0d59fa8f3d1fdcbab

Sharing

Copy URL Twitter E-mail

General

Target

6685f11a3c1fc098fa7d1097d09d417ed4051a654f99acf0d59fa8f3d1fdcbab
Size

973KB
MD5

1309e33ca54c46c2f5b2bb4df7175c47
SHA1

b380e319575c8c9c417ca3f650b570c3487e49c8
SHA256

6685f11a3c1fc098fa7d1097d09d417ed4051a654f99acf0d59fa8f3d1fdcbab
SHA512

645e6f2c377230d1989fd1821ec022cdcb8f73849b565a2e9ddeeafbed59f52d2a6a9997fc1b301bd49d5d43e4c1e018331bf272d957b3538487ddea0caa1c3d
SSDEEP

12288:EFVZlES2lTSITxHPhRveis+JvY8bQILX+KS3yt0Bo23lnqf4bWMnpuqGOQG6:EnXiGITxHZ6+JTb+ouW4bZnpuqGOQG6

Score

N/A

Malware Config

Signatures

Files

6685f11a3c1fc098fa7d1097d09d417ed4051a654f99acf0d59fa8f3d1fdcbab
.exe windows x64

0aa42f3461312102aed891e08f5e6f12

Code Sign

71:64:ae:e2:75:ec:6f:9d:4d:d9:f4:14:3b:06:c6:0f
Certificate

Issuer

CN=Acer Nitro 5 AN517-52 [AN515-52-77M3]

Not Before

05/12/2022, 19:35

Not After

06/12/2032, 19:35

Subject

CN=Acer Nitro 5 AN517-52 [AN515-52-77M3]

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

de:60:ae:7b:9a:f3:ea:a7:1a:9a:45:54:96:52:de:40:09:fa:b7:1f:78:a5:f6:ac:6c:46:28:e6:63:05:ed:cd
Signer

Actual PE Digest

de:60:ae:7b:9a:f3:ea:a7:1a:9a:45:54:96:52:de:40:09:fa:b7:1f:78:a5:f6:ac:6c:46:28:e6:63:05:ed:cd

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Acer Nitro 5 AN517-52 [AN515-52-77M3]

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

SHChangeNotifyRegister

mscoree

_CorExeMain

advapi32

RegQueryValueA

user32

IsChild

kernel32

GetModuleHandleA

Sections

Size: - Virtual size: 878KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0aa42f3461312102aed891e08f5e6f12

Code Sign

71:64:ae:e2:75:ec:6f:9d:4d:d9:f4:14:3b:06:c6:0fCertificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

de:60:ae:7b:9a:f3:ea:a7:1a:9a:45:54:96:52:de:40:09:fa:b7:1f:78:a5:f6:ac:6c:46:28:e6:63:05:ed:cdSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

shell32

mscoree

advapi32

user32

kernel32

Sections

Size: - Virtual size: 878KB

.rsrc Size: 380KB - Virtual size: 380KB

Size: 102KB - Virtual size: 101KB

71:64:ae:e2:75:ec:6f:9d:4d:d9:f4:14:3b:06:c6:0f
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

de:60:ae:7b:9a:f3:ea:a7:1a:9a:45:54:96:52:de:40:09:fa:b7:1f:78:a5:f6:ac:6c:46:28:e6:63:05:ed:cd
Signer

01/12/2022, 14:34
Valid: false

.rsrc
Size: 380KB - Virtual size: 380KB