a4b4bc04837491bd367c6ba5c658002ba9ef2ff83915749d27eec9c80dc54a25

Sharing

Copy URL Twitter E-mail

General

Target

a4b4bc04837491bd367c6ba5c658002ba9ef2ff83915749d27eec9c80dc54a25
Size

195KB
MD5

474a10cdca53f9c65f2611b742fc4c00
SHA1

4b4ded35616571d4ac94e53558ee563da831801e
SHA256

a4b4bc04837491bd367c6ba5c658002ba9ef2ff83915749d27eec9c80dc54a25
SHA512

842d37dbc0c0e3708b1ac0d9373793f0fd4bf9e6b43888b773f47f0019d497e2e016bcd0bbdc8beefe11db380ad99e4342ec0b16e80b89067c28eebe8b4d6e3a
SSDEEP

3072:Mi3ljl29Wjy+0n6GzHMK2FuxmWN6eN/0P+G4ZdgrB5YELEioerOVimcbCywQi36:t3O9WW+/ur2FuxmE9G4ef2Am9yvk

Score

N/A

Malware Config

Signatures

Files

a4b4bc04837491bd367c6ba5c658002ba9ef2ff83915749d27eec9c80dc54a25
.exe windows x86

f7261e910592986bc957118014f9d233

Code Sign

73:c2:e8:4a:e6:53:2c:94:4e:85:92:3a:67:87:27:6a
Certificate

Issuer

CN=evtwetvbqwe45vb2

Not Before

01/03/2012, 08:06

Not After

31/12/2039, 23:59

Subject

CN=evtwetvbqwe45vb2

Extended Key Usages

ExtKeyUsageCodeSigning

b2:f1:97:a4:4b:a1:25:ae:e2:0f:c8:ba:1a:d8:4a:4d:43:6e:28:bf
Signer

Actual PE Digest

b2:f1:97:a4:4b:a1:25:ae:e2:0f:c8:ba:1a:d8:4a:4d:43:6e:28:bf

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=evtwetvbqwe45vb2

01/12/2022, 14:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
LoadLibraryA
GetProcAddress
CreateFileA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
VirtualAlloc

user32

BroadcastSystemMessageA
ChangeDisplaySettingsExA
ChangeMenuW
CharLowerBuffW
CharPrevA
CharUpperW
CountClipboardFormats
CreateDesktopW
CreateIconFromResourceEx
CreateMenu
DdeAddData
DdeEnableCallback
DdeGetLastError
DdeNameService
DefFrameProcA
DeferWindowPos
DrawFrameControl
EndMenu
EnumDesktopsA
EnumDesktopsW
EnumDisplayDevicesW
EnumDisplayMonitors
EnumPropsExA
EnumWindowStationsA
EnumWindowStationsW
FindWindowExW
GetAsyncKeyState
GetCaretBlinkTime
GetClassInfoExW
GetClassWord
GetClipboardFormatNameA
GetComboBoxInfo
GetDesktopWindow
GetDlgCtrlID
GetKeyboardLayout
GetKeyboardLayoutNameA
GetLastActivePopup
GetListBoxInfo
GetMenuDefaultItem
GetMenuStringW
GetOpenClipboardWindow
GetShellWindow
GetTitleBarInfo
GetWindowDC
GrayStringW
HideCaret
HiliteMenuItem
IMPGetIMEA
IMPQueryIMEA
InternalGetWindowText
IsWindow
LoadAcceleratorsA
LoadImageW
LockWindowUpdate
MessageBoxExA
OemToCharBuffW
OemToCharW
OpenIcon
PeekMessageA
PostMessageA
RealGetWindowClassA
ReplyMessage
ReuseDDElParam
SendDlgItemMessageA
SendNotifyMessageW
SetCaretPos
SetDeskWallpaper
SetDlgItemInt
SetDlgItemTextA
SetScrollInfo
SetScrollRange
SetShellWindow
SetWindowPlacement
SetWindowsHookA
ShowCaret
SubtractRect
SwitchDesktop
SystemParametersInfoA
SystemParametersInfoW
ToUnicode
UnhookWindowsHookEx
UnregisterDeviceNotification
WINNLSEnableIME

ole32

BindMoniker
CLSIDFromProgIDEx
CoCreateGuid
CoCreateInstance
CoDisableCallCancellation
CoFileTimeNow
CoGetInstanceFromFile
CoGetMarshalSizeMax
CoGetObject
CoGetStandardMarshal
CoInitializeEx
CoInitializeSecurity
CoInstall
CoIsHandlerConnected
CoQueryProxyBlanket
CoReactivateObject
CoRegisterMessageFilter
CoTaskMemFree
CoTaskMemRealloc
CoTreatAsClass
CoUnmarshalHresult
CreateAntiMoniker
CreateBindCtx
CreateDataAdviseHolder
CreateDataCache
CreateFileMoniker
CreateGenericComposite
CreateOleAdviseHolder
CreateStdProgressIndicator
FreePropVariantArray
GetClassFile
GetConvertStg
GetHGlobalFromStream
GetRunningObjectTable
HACCEL_UserFree
HACCEL_UserUnmarshal
HBITMAP_UserMarshal
HBRUSH_UserMarshal
HDC_UserMarshal
HENHMETAFILE_UserFree
HGLOBAL_UserFree
HGLOBAL_UserMarshal
HICON_UserSize
HICON_UserUnmarshal
HMENU_UserMarshal
HMENU_UserUnmarshal
HMETAFILEPICT_UserSize
HMETAFILE_UserSize
HPALETTE_UserUnmarshal
HkOleRegisterObject
IIDFromString
MkParseDisplayName
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
OleConvertOLESTREAMToIStorageEx
OleCreateEx
OleCreateFromDataEx
OleCreateFromFile
OleCreateLinkEx
OleCreateLinkFromData
OleCreateLinkFromDataEx
OleCreateLinkToFileEx
OleGetIconOfFile
OleInitializeWOW
OleLoad
OleLockRunning
OleMetafilePictFromIconAndLabel
OleNoteObjectVisible
OleRegGetMiscStatus
OleSaveToStream
OleUninitialize
OpenOrCreateStream
SNB_UserSize
SNB_UserUnmarshal
STGMEDIUM_UserMarshal
StgGetIFillLockBytesOnFile
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenStorageOnILockBytes
StringFromGUID2
StringFromIID
UtConvertDvtd16toDvtd32
UtGetDvtd16Info
UtGetDvtd32Info
WdtpInterfacePointer_UserMarshal
WriteClassStm
WriteFmtUserTypeStg

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7261e910592986bc957118014f9d233

Code Sign

73:c2:e8:4a:e6:53:2c:94:4e:85:92:3a:67:87:27:6aCertificate

Extended Key Usages

b2:f1:97:a4:4b:a1:25:ae:e2:0f:c8:ba:1a:d8:4a:4d:43:6e:28:bfSigner

Signature Validations

Verification

01/12/2022, 14:34 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 8KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 648B

.text Size: 180KB - Virtual size: 179KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

73:c2:e8:4a:e6:53:2c:94:4e:85:92:3a:67:87:27:6a
Certificate

b2:f1:97:a4:4b:a1:25:ae:e2:0f:c8:ba:1a:d8:4a:4d:43:6e:28:bf
Signer

01/12/2022, 14:34
Valid: false

.text
Size: 8KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 648B

.text
Size: 180KB - Virtual size: 179KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB