f53b9014d2c32b158e9a086bd64591b5a813c6a45be8eb7be7566a2b4a6554c7

Sharing

Copy URL Twitter E-mail

General

Target

f53b9014d2c32b158e9a086bd64591b5a813c6a45be8eb7be7566a2b4a6554c7
Size

205KB
MD5

ad3ca53c07340e0f8cf29e6e37d42d57
SHA1

1bc21d5d20e39ef4e8077c1827ea9acff6a504cf
SHA256

f53b9014d2c32b158e9a086bd64591b5a813c6a45be8eb7be7566a2b4a6554c7
SHA512

824bcdcc6be4a93166017f251a470d9e4629d6e6b4624b2fbed1c17817c8ac1e45bb1fc96138a95b5453bdfe97e35250bfba2d7ea699bc5d1997fa6a3bdf2021
SSDEEP

6144:7+od5j7uVeHSJh4XhG2+pMMxrzFMUiT0nVIg/IjZO1H1Z:7x0eKhCo2AvxbiT0nBINO

Score

N/A

Malware Config

Signatures

Files

f53b9014d2c32b158e9a086bd64591b5a813c6a45be8eb7be7566a2b4a6554c7
.dll windows x86

36695571be6b7ac1bca1a717a6718f2f

Code Sign

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8
Certificate

Issuer

CN=K6cyVsKULMDi

Not Before

15/03/2012, 06:18

Not After

31/12/2039, 23:59

Subject

CN=K6cyVsKULMDi

Extended Key Usages

ExtKeyUsageCodeSigning

c6:1b:8f:3d:13:d4:0d:a9:90:bf:4b:d4:0a:1a:e3:e4:2a:6e:27:42
Signer

Actual PE Digest

c6:1b:8f:3d:13:d4:0d:a9:90:bf:4b:d4:0a:1a:e3:e4:2a:6e:27:42

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=K6cyVsKULMDi

01/12/2022, 14:34
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationA
FindNextVolumeA
FindVolumeMountPointClose
FreeResource
GetCompressedFileSizeW
GetComputerNameExA
GetConsoleAliasA
GetConsoleMode
GetCurrencyFormatA
GetFileAttributesW
GetFileSizeEx
GetNamedPipeInfo
GetNumberOfConsoleMouseButtons
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetProcAddress
GetProcessHeaps
GetStartupInfoW
GetSystemDirectoryW
GetSystemTime
GetSystemTimeAsFileTime
GetTapePosition
GetThreadPriority
GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLangID
GetVolumePathNameW
GlobalAddAtomW
GlobalFree
GlobalGetAtomNameW
GlobalUnWire
GlobalUnfix
GlobalUnlock
HeapLock
InitializeCriticalSection
InterlockedDecrement
FileTimeToLocalFileTime
LoadLibraryExW
MapViewOfFileEx
Module32FirstW
MultiByteToWideChar
OpenFileMappingW
Process32Next
QueryDosDeviceA
QueryPerformanceFrequency
RemoveDirectoryW
RequestDeviceWakeup
ResetWriteWatch
RtlFillMemory
SetCommState
SetComputerNameExW
SetConsoleDisplayMode
SetConsoleMode
SetConsoleOutputCP
SetFilePointer
SetFileTime
SetNamedPipeHandleState
SystemTimeToTzSpecificLocalTime
Thread32Next
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
VirtualFree
VirtualUnlock
WriteConsoleA
WriteConsoleOutputCharacterW
WriteFile
WritePrivateProfileSectionA
WritePrivateProfileStructA
WriteProfileStringA
_hwrite
lstrlen
EnumSystemLocalesW
EnumSystemCodePagesW
EnumDateFormatsExW
EnumCalendarInfoExA
EndUpdateResourceW
DeleteCriticalSection
DefineDosDeviceA
CreateWaitableTimerA
CreateToolhelp32Snapshot
CreateMailslotA
CreateFileW
CreateFileMappingW
CreateConsoleScreenBuffer
ConvertDefaultLocale
CommConfigDialogA
ClearCommError
BeginUpdateResourceA
Beep
AllocateUserPhysicalPages
VirtualAlloc
GetWindowsDirectoryW
lstrlenW
lstrcpyW
IsBadCodePtr

user32

EndDialog
EnumDesktopsA
ExcludeUpdateRgn
FindWindowExA
FlashWindowEx
GetClipboardSequenceNumber
GetDlgItemInt
GetFocus
GetGUIThreadInfo
GetGuiResources
GetKBCodePage
GetKeyNameTextW
GetKeyboardType
GetMenuItemRect
GetMenuState
GetMessageExtraInfo
GetNextDlgGroupItem
GetPropA
GetPropW
GetScrollInfo
GetScrollPos
GetSysColorBrush
HideCaret
IMPSetIMEW
IsCharAlphaW
IsCharUpperA
IsClipboardFormatAvailable
IsIconic
IsMenu
IsRectEmpty
KillTimer
LoadCursorFromFileW
LoadKeyboardLayoutW
LoadStringW
MapVirtualKeyExW
ModifyMenuA
MsgWaitForMultipleObjects
OemToCharBuffW
OpenInputDesktop
OpenWindowStationW
PaintDesktop
PostThreadMessageW
RegisterClassA
RegisterClassExW
ScreenToClient
SendDlgItemMessageA
SendIMEMessageExW
SendInput
SendMessageA
SendMessageTimeoutW
SendNotifyMessageW
SetCaretBlinkTime
SetClassLongA
SetClassLongW
SetClassWord
SetDeskWallpaper
SetForegroundWindow
SetLayeredWindowAttributes
SetMenuItemBitmaps
SetThreadDesktop
ShowWindow
ShowWindowAsync
SubtractRect
TabbedTextOutA
TranslateMDISysAccel
UnhookWindowsHookEx
UserHandleGrantAccess
ValidateRgn
WindowFromDC
wvsprintfA
DragDetect
DlgDirSelectComboBoxExW
DlgDirSelectComboBoxExA
DialogBoxIndirectParamW
DestroyWindow
DestroyMenu
DefFrameProcA
DdeSetUserHandle
DdeQueryStringW
DdeQueryStringA
CreateWindowExA
CreateMenu
CreateCaret
CountClipboardFormats
CopyImage
CopyAcceleratorTableW
CheckMenuRadioItem
CharLowerBuffA
ChangeMenuA
ChangeDisplaySettingsW
CallMsgFilterA
AppendMenuW
AppendMenuA
CreateAcceleratorTableA

comdlg32

ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
ChooseColorW
GetSaveFileNameW
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgExA
PrintDlgExW
PrintDlgW
ReplaceTextA
ReplaceTextW
GetSaveFileNameA
ChooseColorA

advapi32

RegOpenKeyExA

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

36695571be6b7ac1bca1a717a6718f2f

Code Sign

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8Certificate

Extended Key Usages

c6:1b:8f:3d:13:d4:0d:a9:90:bf:4b:d4:0a:1a:e3:e4:2a:6e:27:42Signer

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

Sections

.text Size: 192KB - Virtual size: 191KB

.data Size: 1KB - Virtual size: 1KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 2KB - Virtual size: 1KB

3c:da:f6:17:6a:07:10:59:b3:d3:1d:9b:80:0a:71:f8
Certificate

c6:1b:8f:3d:13:d4:0d:a9:90:bf:4b:d4:0a:1a:e3:e4:2a:6e:27:42
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 192KB - Virtual size: 191KB

.data
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 2KB - Virtual size: 1KB