General

Malware Config

Signatures

Files

• ManLearningCourse-main.zip

  .zip
• ManLearningCourse-main/windll32.exe

  .exe windows x86

  f34d5f2d4577ed6d9ceec516c1f5a744

  
  

  Code Sign

  78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54

  Certificate

  Issuer

  CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

  Not Before

  28-07-2020 00:00

  Not After

  18-03-2029 00:00

  Subject

  CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed

  Certificate

  Issuer

  CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

  Not Before

  28-07-2020 00:00

  Not After

  28-07-2030 00:00

  Subject

  CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  31:67:ec:93:9e:f5:d4:2a:05:7a:e7:0f

  Certificate

  Issuer

  CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

  Not Before

  18-10-2021 02:58

  Not After

  19-10-2022 02:58

  Subject

  SERIALNUMBER=130001068185,CN=Nota\, Inc.,O=Nota\, Inc.,STREET=Goshohachiman-cho 110-16,L=Kyoto-shi\, Kamigyo-ku,ST=Kyoto,C=JP,1.3.6.1.4.1.311.60.2.1.3=#13024a50,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d

  Certificate

  Issuer

  CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

  Not Before

  06-04-2022 07:44

  Not After

  08-05-2033 07:44

  Subject

  CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74

  Certificate

  Issuer

  CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

  Not Before

  20-06-2018 00:00

  Not After

  10-12-2034 00:00

  Subject

  CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc

  Certificate

  Issuer

  CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

  Not Before

  20-02-2019 00:00

  Not After

  18-03-2029 10:00

  Subject

  CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  04:00:00:00:00:01:21:58:53:08:a2

  Certificate

  Issuer

  CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

  Not Before

  18-03-2009 10:00

  Not After

  18-03-2029 10:00

  Subject

  CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  7d:ba:8d:31:3b:95:9a:4b:04:db:5f:32:a7:39:ea:b2:b8:1b:1f:81

  Signer

  Actual PE Digest

  7d:ba:8d:31:3b:95:9a:4b:04:db:5f:32:a7:39:ea:b2:b8:1b:1f:81

  Digest Algorithm

  sha1

  PE Digest Matches

  false

  Signature Validations

  Trusted

  true

  Verification

  Signing Certificate

  SERIALNUMBER=130001068185,CN=Nota\, Inc.,O=Nota\, Inc.,STREET=Goshohachiman-cho 110-16,L=Kyoto-shi\, Kamigyo-ku,ST=Kyoto,C=JP,1.3.6.1.4.1.311.60.2.1.3=#13024a50,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

  16-06-2022 06:29

  Valid: true

  Chain 1

  SERIALNUMBER=130001068185,CN=Nota\, Inc.,O=Nota\, Inc.,STREET=Goshohachiman-cho 110-16,L=Kyoto-shi\, Kamigyo-ku,ST=Kyoto,C=JP,1.3.6.1.4.1.311.60.2.1.3=#13024a50,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

  CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

  CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

  CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_NO_SEH

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  mscoree

  _CorExeMain

  Sections

  .text

  Size: 42KB - Virtual size: 41KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 2KB - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 12B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ