b0ee124c18797d781796c7ba9fe63bb96cbb571a9998ec53756a07b3fb711c76

Sharing

Copy URL Twitter E-mail

General

Target

b0ee124c18797d781796c7ba9fe63bb96cbb571a9998ec53756a07b3fb711c76
Size

75KB
MD5

39b43157baa91b882a18305ee96821f2
SHA1

519c8eda3a46bf12ad2a8d26c6d5d3db41b3fedd
SHA256

b0ee124c18797d781796c7ba9fe63bb96cbb571a9998ec53756a07b3fb711c76
SHA512

48f0c305aa5403abe1fe67f457bc76d2e4a5c785e7fdf9420e4ddaef763e3de5dc4b91a22a403392de0ee661b8b3c235e4f8722ddc645c7931263ed1da15623c
SSDEEP

768:Io0NRQcCLHijYNBC4FLxCdIsP5PcBXwFRSewSU1y0dws/wlBRePYLhCSvVNtllY:mNzYKdFx0AG1yK1BSdNt3Y

Score

N/A

Malware Config

Signatures

Files

b0ee124c18797d781796c7ba9fe63bb96cbb571a9998ec53756a07b3fb711c76
.exe windows x86

6d483ed50452b0f597abad8b741095a8

Code Sign

3d:1f:50:c9:d1:f3:36:8b:41:28:a5:6f:fa:3e:f4:e4
Certificate

Issuer

CN=dfgwetwerg

Not Before

17/01/2012, 06:33

Not After

31/12/2039, 23:59

Subject

CN=dfgwetwerg

Extended Key Usages

ExtKeyUsageCodeSigning

f2:10:49:30:aa:b8:0c:09:70:78:39:dd:e3:2f:1c:f8:3f:01:e9:2f
Signer

Actual PE Digest

f2:10:49:30:aa:b8:0c:09:70:78:39:dd:e3:2f:1c:f8:3f:01:e9:2f

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=dfgwetwerg

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CommConfigDialogW
CopyFileA
CopyFileW
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateMutexW
CreateNamedPipeW
CreateTimerQueue
DeleteFileW
DeleteVolumeMountPointA
DeviceIoControl
DisableThreadLibraryCalls
EndUpdateResourceW
EnumCalendarInfoW
EnumResourceTypesA
EnumSystemCodePagesA
EnumSystemLocalesA
EraseTape
ExpandEnvironmentStringsA
FindFirstFileW
FindFirstVolumeMountPointA
FindResourceExA
FlushInstructionCache
GetCalendarInfoA
GetCalendarInfoW
GetCommModemStatus
GetConsoleAliasExesA
GetConsoleAliasExesLengthA
GetConsoleTitleW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetLogicalDriveStringsA
GetMailslotInfo
GetNumberOfConsoleMouseButtons
GetPrivateProfileSectionA
GetProcessIoCounters
GetStartupInfoA
GetSystemPowerStatus
GetTapeParameters
GetTapePosition
GetThreadContext
GetThreadLocale
GetVolumeNameForVolumeMountPointA
ClearCommBreak
GlobalFindAtomW
GlobalMemoryStatus
GlobalReAlloc
Heap32First
HeapCompact
HeapUnlock
HeapValidate
InterlockedIncrement
IsBadHugeReadPtr
IsBadStringPtrW
IsDBCSLeadByte
LocalFlags
LocalSize
Module32FirstW
ProcessIdToSessionId
QueueUserWorkItem
RemoveDirectoryA
ReplaceFileA
RtlUnwind
ScrollConsoleScreenBufferA
SetCommConfig
SetConsoleScreenBufferSize
SetEnvironmentVariableA
SetEnvironmentVariableW
SetProcessWorkingSetSize
SetSystemPowerState
SetSystemTimeAdjustment
SetTapeParameters
SetThreadIdealProcessor
SetThreadLocale
SetThreadPriorityBoost
SetVolumeMountPointA
TerminateProcess
Thread32Next
TransmitCommChar
WaitForDebugEvent
WideCharToMultiByte
WinExec
WriteConsoleA
WriteConsoleOutputW
_lcreat
_lopen
lstrcmp
lstrcmpi
lstrcpynA
ChangeTimerQueueTimer
CancelIo
AddConsoleAliasW
ExitProcess
GlobalAddAtomA
VirtualAlloc

user32

RegisterShellHookWindow
SetCaretBlinkTime
SetCaretPos
SetClipboardViewer
SetDlgItemInt
SetParent
SetPropW
SetWindowContextHelpId
SetWindowLongA
SetWindowsHookW
ShowCaret
ShowScrollBar
SubtractRect
SystemParametersInfoA
TabbedTextOutW
TileWindows
UnionRect
UserHandleGrantAccess
VkKeyScanA
mouse_event
RealGetWindowClassW
RealGetWindowClass
PostMessageW
MessageBoxW
MenuItemFromPoint
MapVirtualKeyExW
MapVirtualKeyExA
MapVirtualKeyA
LockWindowUpdate
LockSetForegroundWindow
LoadKeyboardLayoutA
LoadCursorFromFileW
LoadBitmapW
IsHungAppWindow
IsClipboardFormatAvailable
IsCharUpperW
IsCharAlphaW
InflateRect
IMPSetIMEA
IMPQueryIMEW
IMPGetIMEW
GrayStringA
GetWindowThreadProcessId
GetTopWindow
GetScrollRange
GetQueueStatus
GetPropW
GetParent
GetNextDlgGroupItem
GetMonitorInfoA
GetMessageExtraInfo
GetMessageA
GetMenuStringA
GetMenuState
GetMenuItemRect
GetMenuItemID
GetLastInputInfo
GetKeyboardLayoutNameA
GetDlgItemTextW
GetDlgItemTextA
GetDialogBaseUnits
GetClipboardOwner
GetClassLongW
FindWindowA
EnumWindowStationsA
EnumPropsExW
EnumDesktopsA
EnumDesktopWindows
EndTask
EditWndProc
DrawFrameControl
DrawEdge
DlgDirSelectComboBoxExA
DialogBoxIndirectParamW
DefFrameProcA
DefDlgProcA
DdeFreeStringHandle
DdeDisconnectList
DdeCreateStringHandleA
CreateMDIWindowW
CreateIconIndirect
CreateIconFromResourceEx
CreateIconFromResource
CloseClipboard
CharToOemBuffW
CharPrevA
ChangeMenuW
ChangeDisplaySettingsW
ChangeClipboardChain
CallNextHookEx
CallMsgFilterW
ArrangeIconicWindows
GetDC
ReleaseDC
GetInputDesktop

gdi32

GetStockObject
SelectObject
GetTextMetricsA

advapi32

RegOpenKeyExW

shell32

WOWShellExecute
Shell_NotifyIconW
ShellHookProc
ShellExecuteW
ShellExecuteExW
DoEnvironmentSubstA
DragAcceptFiles
DragQueryFile
DragQueryFileA
DragQueryFileW
DragQueryPoint
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
ShellExecuteEx
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetIconOverlayIndexA
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHInvokePrinterCommandA
SHInvokePrinterCommandW
SHIsFileAvailableOffline
SHPathPrepareForWriteA
SHQueryRecycleBinA
ShellAboutA
ShellAboutW
ShellExecuteA

shlwapi

StrChrIA
StrChrIW
StrChrW
StrCmpNIW
StrRChrA
StrRChrW
StrRStrIA
StrRStrIW
StrStrA
StrStrIA
StrRChrIA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eee
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d483ed50452b0f597abad8b741095a8

Code Sign

3d:1f:50:c9:d1:f3:36:8b:41:28:a5:6f:fa:3e:f4:e4Certificate

Extended Key Usages

f2:10:49:30:aa:b8:0c:09:70:78:39:dd:e3:2f:1c:f8:3f:01:e9:2fSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

Sections

.text Size: 9KB - Virtual size: 8KB

.eee Size: 59KB - Virtual size: 58KB

.data Size: 512B - Virtual size: 88B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

3d:1f:50:c9:d1:f3:36:8b:41:28:a5:6f:fa:3e:f4:e4
Certificate

f2:10:49:30:aa:b8:0c:09:70:78:39:dd:e3:2f:1c:f8:3f:01:e9:2f
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 9KB - Virtual size: 8KB

.eee
Size: 59KB - Virtual size: 58KB

.data
Size: 512B - Virtual size: 88B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB