ea62acbe060dc490eb791530a39f4313+dafe02260e32544e716f3511be78559927f4ec42+4a0807d875a7d40d0463e3f29b7eed0fb40fd8500ad79fcf5ac2f83d3db15e5f

Sharing

Copy URL Twitter E-mail

General

Target

ea62acbe060dc490eb791530a39f4313+dafe02260e32544e716f3511be78559927f4ec42+4a0807d875a7d40d0463e3f29b7eed0fb40fd8500ad79fcf5ac2f83d3db15e5f
Size

2.5MB
MD5

ea62acbe060dc490eb791530a39f4313
SHA1

dafe02260e32544e716f3511be78559927f4ec42
SHA256

4a0807d875a7d40d0463e3f29b7eed0fb40fd8500ad79fcf5ac2f83d3db15e5f
SHA512

681f89b945b58362bfa2edc3aab9bdb1dd641f33ccbe7518ee44df7c28d716f5fd69e5a9e091a0408f5ae8cbad9d62a24f4acc357f4fc5a8e6fe63d01d72fa20
SSDEEP

49152:74czM1YNC5tRV4ZAuqgx5bl0UK5zFl1lgE1hNQzpdaU:9Q16C53V4auvXbSbh1qE8uU

Score

1^/10

Malware Config

Signatures

Files

ea62acbe060dc490eb791530a39f4313+dafe02260e32544e716f3511be78559927f4ec42+4a0807d875a7d40d0463e3f29b7eed0fb40fd8500ad79fcf5ac2f83d3db15e5f
.dll windows x64

baa93d47220682c04d92f7797d9224ce

Code Sign

12:00:2e:63:04:38:db:88:1e:4f:1d:8b:92:00:00:00:2e:63:04
Certificate

Issuer

CN=Microsoft RSA TLS CA 01,O=Microsoft Corporation,C=US

Not Before

08/07/2022, 18:22

Not After

08/07/2023, 18:22

Subject

CN=www.microsoft.com,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

a7:c5:a9:8b:e8:f2:61:83:f3:c7:22:ce:3d:5d:2d:85:9c:ac:0e:b4
Signer

Actual PE Digest

a7:c5:a9:8b:e8:f2:61:83:f3:c7:22:ce:3d:5d:2d:85:9c:ac:0e:b4

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=www.microsoft.com,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

07/02/2023, 20:52
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

GameStart
curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_option_by_id
curl_easy_option_by_name
curl_easy_option_next
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_poll
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_multi_wakeup
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

Size: 330KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ulwglqiv
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lzppvupj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

baa93d47220682c04d92f7797d9224ce

Code Sign

12:00:2e:63:04:38:db:88:1e:4f:1d:8b:92:00:00:00:2e:63:04Certificate

a7:c5:a9:8b:e8:f2:61:83:f3:c7:22:ce:3d:5d:2d:85:9c:ac:0e:b4Signer

Signature Validations

Verification

07/02/2023, 20:52 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

Exports

Exports

Sections

Size: 330KB - Virtual size: 708KB

.rsrc Size: 1024B - Virtual size: 1KB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 3.8MB

ulwglqiv Size: 2.1MB - Virtual size: 2.1MB

lzppvupj Size: 512B - Virtual size: 4KB

.pdata Size: 22KB - Virtual size: 24KB

12:00:2e:63:04:38:db:88:1e:4f:1d:8b:92:00:00:00:2e:63:04
Certificate

a7:c5:a9:8b:e8:f2:61:83:f3:c7:22:ce:3d:5d:2d:85:9c:ac:0e:b4
Signer

07/02/2023, 20:52
Valid: false

.rsrc
Size: 1024B - Virtual size: 1KB

.idata
Size: 512B - Virtual size: 4KB

ulwglqiv
Size: 2.1MB - Virtual size: 2.1MB

lzppvupj
Size: 512B - Virtual size: 4KB

.pdata
Size: 22KB - Virtual size: 24KB