DigitalLicense[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

DigitalLicense.exe
Size

1.9MB
MD5

0ae3873b40565387c8978cb7f097d5cc
SHA1

ac72a1a9aa8b5a30f05ef952c89fb32148c8be3f
SHA256

700845d0b7fc5b1ed5afe08e317b932f1ae322aa158498db2aa24936e3e1bcaf
SHA512

aa5c23c5dc3d5a46359b9bdf3be120103081285b18fa7441dd0cd573f862e52501addd14f62583210fdd0d99355c91749cfb274c7432b53efa9f199f015d3305
SSDEEP

49152:Vpg66aa+++b+xBxAtO7/eZffw8VpeDn7kJQ8Za8Se56Gzpn+3/Vm5D:VI7/eZnw8VpeD7QQ8jSo6Mp+vVc

Score

1^/10

Malware Config

Signatures

Files

DigitalLicense.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

50:72:3d:5d:43:14:53:6b:bc:97:1f:cb:ad:97:03:d8
Certificate

Issuer

CN=AGSoft,ST=beijing,C=china,1.2.840.113549.1.9.1=#0c137765626d6173746572406d6963726f736f6674

Not Before

31/05/2018, 19:41

Not After

31/12/2079, 16:00

Subject

CN=AGSoft,ST=beijing,C=china,1.2.840.113549.1.9.1=#0c137765626d6173746572406d6963726f736f6674

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e6:df:a3:dd:0e:64:a9:25:40:59:97:27:01:31:66:02:9e:16:cf:7e:b4:df:18:6f:ff:ea:2a:4d:48:7b:eb:98
Signer

Actual PE Digest

e6:df:a3:dd:0e:64:a9:25:40:59:97:27:01:31:66:02:9e:16:cf:7e:b4:df:18:6f:ff:ea:2a:4d:48:7b:eb:98

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=AGSoft,ST=beijing,C=china,1.2.840.113549.1.9.1=#0c137765626d6173746572406d6963726f736f6674

13/06/2018, 15:17
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

50:72:3d:5d:43:14:53:6b:bc:97:1f:cb:ad:97:03:d8Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

e6:df:a3:dd:0e:64:a9:25:40:59:97:27:01:31:66:02:9e:16:cf:7e:b4:df:18:6f:ff:ea:2a:4d:48:7b:eb:98Signer

Signature Validations

Verification

13/06/2018, 15:17 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.reloc Size: 512B - Virtual size: 12B

.rsrc Size: 52KB - Virtual size: 51KB

50:72:3d:5d:43:14:53:6b:bc:97:1f:cb:ad:97:03:d8
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

e6:df:a3:dd:0e:64:a9:25:40:59:97:27:01:31:66:02:9e:16:cf:7e:b4:df:18:6f:ff:ea:2a:4d:48:7b:eb:98
Signer

13/06/2018, 15:17
Valid: false

.text
Size: 1.9MB - Virtual size: 1.9MB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 52KB - Virtual size: 51KB