swtor-file-changer-v1[.]2c[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

swtor-file-changer-v1.2c.zip
Size

5.1MB
MD5

bf55c46da21e8f6b5a14ed9741369285
SHA1

60e751740504b4729d410488fc99d0568f4dab65
SHA256

c5051e7af3c0ed5021592993557aaa64e75c87f6c85908c353269cb8e0d4768e
SHA512

cec907d65858b863623522192aa8e6026322be55f488ffd5f2b924e708cd21e635145d0cd4d00981a2eada9ae84ee89d209c2669f1aefcfae9a3cd07d9723798
SSDEEP

98304:H1BRR6fcDnyOFFH2C87/C35ANtH8q+C21ScEm02P+ccBD34js+fKBuFPS/MNe:H1rR3FFZzdpHZ+nJ3IsNia0Ne

Score

N/A

Malware Config

Signatures

Files

swtor-file-changer-v1.2c.zip
.zip
HashCreator.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HashCreator.pdb
HashDictionary.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HashDictionary.pdb
Ionic.Zlib.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Ionic.Zlib.pdb
Ionic.Zlib.xml
.xml .js
SWTOR-File-Changer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SWTOR-File-Changer.exe.config
SWTOR-File-Changer.vshost.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

61:19:cc:93:00:01:00:00:00:66
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/10/2011, 20:32

Not After

10/01/2013, 20:32

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:05:13:36:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2011, 20:42

Not After

25/10/2012, 20:42

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:159C-A3F7-2570,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/07/2012, 00:14

Not After

07/10/2013, 00:14

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

22:64:5f:e5:cf:38:f2:a2:a8:69:b4:29:9f:d2:ac:e1:72:43:a2:c4:35:f0:35:c1:ce:91:a1:5b:f4:6c:43:dc
Signer

Actual PE Digest

22:64:5f:e5:cf:38:f2:a2:a8:69:b4:29:9f:d2:ac:e1:72:43:a2:c4:35:f0:35:c1:ce:91:a1:5b:f4:6c:43:dc

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

15/12/2022, 13:55
Valid: false

62:ac:05:0a:9d:d8:fe:44:a8:ef:62:6a:b5:a0:96:e3:c9:0a:46:e0
Signer

Actual PE Digest

62:ac:05:0a:9d:d8:fe:44:a8:ef:62:6a:b5:a0:96:e3:c9:0a:46:e0

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

27/07/2012, 01:47
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SWTOR-File-Changer.vshost.exe.config
SWTOR-File-Changer.vshost.exe.manifest
SWTOR-File-Changer.xml
WarhammerOnlineHash.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WarhammerOnlineHash.pdb
files/ami.chest.node
files/ami.leg.node
files/chest_naked_bfa_archetype.gr2
files/chest_naked_bfa_archetype.lod.gr2
files/chest_naked_bfb_archetype.gr2
files/chest_naked_bfb_archetype.lod.gr2
files/chest_naked_bfn_archetype.gr2
files/chest_naked_bfn_archetype.lod.gr2
files/chest_naked_bfs_archetype.gr2
files/chest_naked_bfs_archetype.lod.gr2
files/empty.clo
files/empty.gr2
files/empty_mask.dds
files/empty_mask_large.dds
files/human_diffuse.dds
files/human_diffuse.png
.png
files/human_normals.png
.png
files/leg_cathar.dds
files/leg_human.dds
files/leg_pant_bfa_archetype.gr2
files/leg_pant_bfa_archetype.lod.gr2
files/leg_pant_bfb_archetype.gr2
files/leg_pant_bfb_archetype.lod.gr2
files/leg_pant_bfn_archetype.gr2
files/leg_pant_bfn_archetype.lod.gr2
files/leg_pant_bfs_archetype.gr2
files/leg_pant_bfs_archetype.lod.gr2
files/leg_rattataki.dds
files/leg_sith.dds
files/leg_twilek.dds
files/skin_cathar.dds
files/skin_human.dds
files/skin_rattataki.dds
files/skin_rattataki_d.dds
files/skin_sith.dds
files/skin_twilek.dds
readme.txt
settings.txt

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 13KB - Virtual size: 13KB

.rsrc Size: 1024B - Virtual size: 848B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 8KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 88KB - Virtual size: 84KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 33KB - Virtual size: 33KB

.sdata Size: 512B - Virtual size: 312B

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

61:19:cc:93:00:01:00:00:00:66Certificate

Extended Key Usages

Key Usages

61:05:13:36:00:00:00:00:00:1aCertificate

Extended Key Usages

61:33:26:1a:00:00:00:00:00:31Certificate

Key Usages

61:16:68:34:00:00:00:00:00:1cCertificate

Extended Key Usages

Key Usages

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

22:64:5f:e5:cf:38:f2:a2:a8:69:b4:29:9f:d2:ac:e1:72:43:a2:c4:35:f0:35:c1:ce:91:a1:5b:f4:6c:43:dcSigner

Signature Validations

Verification

15/12/2022, 13:55 Valid: false

62:ac:05:0a:9d:d8:fe:44:a8:ef:62:6a:b5:a0:96:e3:c9:0a:46:e0Signer

Signature Validations

Verification

27/07/2012, 01:47 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 4KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

.text
Size: 13KB - Virtual size: 13KB

.rsrc
Size: 1024B - Virtual size: 848B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 88KB - Virtual size: 84KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 33KB - Virtual size: 33KB

.sdata
Size: 512B - Virtual size: 312B

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 512B - Virtual size: 12B

61:19:cc:93:00:01:00:00:00:66
Certificate

61:05:13:36:00:00:00:00:00:1a
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:08:e2:79:fa:0d:25:58:45:ea:00:00:00:00:00:08
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

22:64:5f:e5:cf:38:f2:a2:a8:69:b4:29:9f:d2:ac:e1:72:43:a2:c4:35:f0:35:c1:ce:91:a1:5b:f4:6c:43:dc
Signer

15/12/2022, 13:55
Valid: false

62:ac:05:0a:9d:d8:fe:44:a8:ef:62:6a:b5:a0:96:e3:c9:0a:46:e0
Signer

27/07/2012, 01:47
Valid: false

.text
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 912B

.reloc
Size: 512B - Virtual size: 12B