e8faad746a67a36aa9f7ed61e3f4b96c51edc970d2fae896434c98f6412c1f38

Sharing

Copy URL

Twitter E-mail

General

Target

e8faad746a67a36aa9f7ed61e3f4b96c51edc970d2fae896434c98f6412c1f38
Size

1.4MB
MD5

b31fe52d28bc99d02f48f391f7d2ce92
SHA1

beb093d4577a3fc4cb603e19623daacb01fab84f
SHA256

e8faad746a67a36aa9f7ed61e3f4b96c51edc970d2fae896434c98f6412c1f38
SHA512

da92a26b6ff4af57cca8b452eee2962d6e35cb05e417c3968989b6318535a310ac889c6841e00041b1cee19a0baa8d27ea8a6ce2e15acc6a9694393bf9dffba4
SSDEEP

24576:65CqYT6LgebcHTfOHnMQaUtX+m00BxvAU0LMy:ICqYTSgewHYnSUtu4TFpy

Score

N/A

Malware Config

Signatures

Files

e8faad746a67a36aa9f7ed61e3f4b96c51edc970d2fae896434c98f6412c1f38
.exe windows x64

86489e35e7fbda36ffb63c69efdcdd84

Code Sign

3f:dc:7a:3e:7e:96:5e:b6:4e:3a:1a:ce:c7:32:b0:e3
Certificate

Issuer

CN=Logitech ZC-9015 USA State of Washington

Not Before

24-12-2022 20:59

Not After

25-12-2032 20:59

Subject

CN=Logitech ZC-9015 USA State of Washington

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11-05-2022 00:00

Not After

10-08-2033 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dd:b9:ff:64:85:1a:29:9f:5a:10:c9:43:30:ea:79:b5:00:57:b4:10:34:2a:cd:32:bf:b8:7e:50:5d:0b:58:c1
Signer

Actual PE Digest

dd:b9:ff:64:85:1a:29:9f:5a:10:c9:43:30:ea:79:b5:00:57:b4:10:34:2a:cd:32:bf:b8:7e:50:5d:0b:58:c1

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Logitech ZC-9015 USA State of Washington

15-12-2022 13:51
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

PathMakeUniqueName

mscoree

_CorExeMain

advapi32

GetUserNameW

user32

DefWindowProcW

kernel32

GetModuleHandleA

Sections

.rdata
Size: - Virtual size: 874KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 802KB - Virtual size: 801KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

86489e35e7fbda36ffb63c69efdcdd84

Code Sign

3f:dc:7a:3e:7e:96:5e:b6:4e:3a:1a:ce:c7:32:b0:e3Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

dd:b9:ff:64:85:1a:29:9f:5a:10:c9:43:30:ea:79:b5:00:57:b4:10:34:2a:cd:32:bf:b8:7e:50:5d:0b:58:c1Signer

Signature Validations

Verification

15-12-2022 13:51 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

shell32

mscoree

advapi32

user32

kernel32

Sections

.rdata Size: - Virtual size: 874KB

.rsrc Size: 802KB - Virtual size: 801KB

.pdata Size: 93KB - Virtual size: 92KB

3f:dc:7a:3e:7e:96:5e:b6:4e:3a:1a:ce:c7:32:b0:e3
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

dd:b9:ff:64:85:1a:29:9f:5a:10:c9:43:30:ea:79:b5:00:57:b4:10:34:2a:cd:32:bf:b8:7e:50:5d:0b:58:c1
Signer

15-12-2022 13:51
Valid: false

.rdata
Size: - Virtual size: 874KB

.rsrc
Size: 802KB - Virtual size: 801KB

.pdata
Size: 93KB - Virtual size: 92KB