d0ccce9178901ceacda270aad5a77aed6ba6d8385f93b10ade15d291a8da28df

Sharing

Copy URL Twitter E-mail

General

Target

d0ccce9178901ceacda270aad5a77aed6ba6d8385f93b10ade15d291a8da28df
Size

2.0MB
MD5

439729eb162975bb9bb81e9a806eecad
SHA1

31c8d3794d6b1b47ffb0db27acb2c10ed7229e11
SHA256

d0ccce9178901ceacda270aad5a77aed6ba6d8385f93b10ade15d291a8da28df
SHA512

5d355703472999459985533f88b5a24be3fe94513b25a77f46ebc35277f05e6413a52bef3090ac17d5d2037568cb4867460c9ec1cb3f91fcfae8c718d884d9b2
SSDEEP

49152:McgAUQIIWwlQAb34kuEUafThXciIh++PjIa4rl:NWwGADoIfThXFIh++P81x

Score

1^/10

Malware Config

Signatures

Files

d0ccce9178901ceacda270aad5a77aed6ba6d8385f93b10ade15d291a8da28df
.exe windows x64

ba3ee09720ca1e59171b163be69cda78

Code Sign

6e:c7:d0:b8:d8:e8:20:8e:42:35:f4:ae:ed:ad:59:27
Certificate

Issuer

CN=Acer Nitro USA AN517-58 [AN517-75-77M3]

Not Before

24/01/2023, 11:23

Not After

25/01/2033, 11:23

Subject

CN=Acer Nitro USA AN517-58 [AN517-75-77M3]

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:1e:6c:16:94:d8:f2:b5:c2:c9:f5:8e:ca:c9:d7:a5:66:2e:e5:e1:45:f2:18:8d:af:66:36:0b:12:6b:fb:62
Signer

Actual PE Digest

e2:1e:6c:16:94:d8:f2:b5:c2:c9:f5:8e:ca:c9:d7:a5:66:2e:e5:e1:45:f2:18:8d:af:66:36:0b:12:6b:fb:62

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Acer Nitro USA AN517-58 [AN517-75-77M3]

07/02/2023, 20:39
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

SHChangeNotifyRegister

mscoree

_CorExeMain

advapi32

RegOpenKeyExA

user32

CreateCursor

kernel32

GetModuleHandleA

Sections

.reloc
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 805KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ba3ee09720ca1e59171b163be69cda78

Code Sign

6e:c7:d0:b8:d8:e8:20:8e:42:35:f4:ae:ed:ad:59:27Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

e2:1e:6c:16:94:d8:f2:b5:c2:c9:f5:8e:ca:c9:d7:a5:66:2e:e5:e1:45:f2:18:8d:af:66:36:0b:12:6b:fb:62Signer

Signature Validations

Verification

07/02/2023, 20:39 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

shell32

mscoree

advapi32

user32

kernel32

Sections

.reloc Size: - Virtual size: 1.0MB

.rsrc Size: 805KB - Virtual size: 804KB

.reloc Size: 102KB - Virtual size: 101KB

6e:c7:d0:b8:d8:e8:20:8e:42:35:f4:ae:ed:ad:59:27
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

e2:1e:6c:16:94:d8:f2:b5:c2:c9:f5:8e:ca:c9:d7:a5:66:2e:e5:e1:45:f2:18:8d:af:66:36:0b:12:6b:fb:62
Signer

07/02/2023, 20:39
Valid: false

.reloc
Size: - Virtual size: 1.0MB

.rsrc
Size: 805KB - Virtual size: 804KB

.reloc
Size: 102KB - Virtual size: 101KB