8728966323[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

8728966323.zip
Size

23.8MB
MD5

d2cfabd64e656224d90208aad0bb9691
SHA1

c36ecb367956cea63ccafacec01064df311d8898
SHA256

7fd3c531757dbbc85fdd60bcef1d15bbbcc6a09bd72337738a0831c18db8c1cb
SHA512

72e9031412d23b9c5a6fc293d9f12554d779ba462d2b41dff8fbb9038fd2306fcdf0340115bd8f4b5183a6b968c7cec38ba040fac1b2488941e4aaea93b1ff59
SSDEEP

393216:C2c/XbxDib5ls7ROC2v7tFFpf/VT2B8Blgw0t+VC3YFhlL9cy3tc3plzwaaB4Gm2:C269iqYC2v7FpftT2Igw0D3Ihley3tc8

Score

N/A

Malware Config

Signatures

Files

8728966323.zip
.zip

Password: infected
01bb63f7f8093ef99140a56bc1a3006441b576bff532920bdf7173efd1a7fbea
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

26:01:ba:7f:bf:96:8b:67:20:c2:2e:c8:0e:04:08:79:74:91:17:92
Certificate

Issuer

CN=APTX Software

Not Before

09/01/2023, 10:56

Not After

06/01/2033, 10:56

Subject

CN=APTX Software

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

d1:33:08:82:47:2c:f8:af:ae:79:66:a1:07:af:07:ff:c4:22:ae:ee
Signer

Actual PE Digest

d1:33:08:82:47:2c:f8:af:ae:79:66:a1:07:af:07:ff:c4:22:ae:ee

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=APTX Software

15/12/2022, 13:59
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24.0MB - Virtual size: 24.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

26:01:ba:7f:bf:96:8b:67:20:c2:2e:c8:0e:04:08:79:74:91:17:92Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

d1:33:08:82:47:2c:f8:af:ae:79:66:a1:07:af:07:ff:c4:22:ae:eeSigner

Signature Validations

Verification

15/12/2022, 13:59 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 24.0MB - Virtual size: 24.0MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

26:01:ba:7f:bf:96:8b:67:20:c2:2e:c8:0e:04:08:79:74:91:17:92
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

d1:33:08:82:47:2c:f8:af:ae:79:66:a1:07:af:07:ff:c4:22:ae:ee
Signer

15/12/2022, 13:59
Valid: false

.text
Size: 24.0MB - Virtual size: 24.0MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B