advancedbattoexeconverter[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

advancedbattoexeconverter.exe
Size

801KB
MD5

2d6cf8e30b05f0d70791feee8efc501c
SHA1

7e38040b498b95ad8ed60e2d7d66b3b61003275e
SHA256

a058e6f1ae42ec1e0f09c8d23f50dc87ed8898e5d5ee0d2e18031cdf59679eb6
SHA512

da6f3540f87e939e229819a344732610da57409c1985a3344a3b9fb362393cdc6082e6ac205e5227e6c1afcaa07922bc87d58fc6948c569324cbde18ff39174d
SSDEEP

24576:HxF2L4a+4LXECLp0cPydrb2gkFby3w4FZm9oC:H+Lb+MX9KEydrSlFby3wZ9oC

Score

1^/10

Malware Config

Signatures

Files

advancedbattoexeconverter.exe
.exe windows x86

263f2c74198635066e799ddd460d8fcf

Code Sign

d4:06:9c:c2:6b:fc:90:d6:cc:16:eb:45:19:b6:e5:b9
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-01-2021 00:00

Not After

10-11-2021 23:59

Subject

CN=Brandon Dargo,O=Brandon Dargo,POSTALCODE=44805,STREET=APT D+STREET=1465 Mifflin Ave,L=Ashland,ST=Ohio,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12-03-2019 00:00

Not After

31-12-2028 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

11-09-2018 09:26

Not After

11-09-2023 09:26

Subject

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

31:38:63:bc:7c:01:dd:03:7e:16:97:ad:ce:ed:80:44
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

01-10-2020 17:04

Not After

29-09-2030 17:04

Subject

CN=SSL.com Timestamping Unit 2020,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13-11-2019 18:50

Not After

12-11-2034 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c1:a0:90:de:1a:ad:6b:21:59:b5:b9:71:ad:6b:7e:00:8f:f9:1a:28
Signer

Actual PE Digest

c1:a0:90:de:1a:ad:6b:21:59:b5:b9:71:ad:6b:7e:00:8f:f9:1a:28

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Brandon Dargo,O=Brandon Dargo,POSTALCODE=44805,STREET=APT D+STREET=1465 Mifflin Ave,L=Ashland,ST=Ohio,C=US

25-02-2021 23:18
Valid: true

Chain 1

CN=Brandon Dargo,O=Brandon Dargo,POSTALCODE=44805,STREET=APT D+STREET=1465 Mifflin Ave,L=Ashland,ST=Ohio,C=US

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Chain 2

CN=Brandon Dargo,O=Brandon Dargo,POSTALCODE=44805,STREET=APT D+STREET=1465 Mifflin Ave,L=Ashland,ST=Ohio,C=US

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
ExitProcess
lstrcatA
lstrcpyA
RemoveDirectoryA
DeleteFileA
FreeLibrary
CloseHandle
GetProcAddress
LoadLibraryA
WriteFile
CreateFileA
CreateDirectoryA
lstrcmpA
GetFileAttributesA
GetTempPathA
GetModuleHandleA
GetFileSize
GetLastError
CreateMutexA
GetModuleFileNameA
VirtualAlloc
VirtualFree

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.gentee
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

263f2c74198635066e799ddd460d8fcf

Code Sign

d4:06:9c:c2:6b:fc:90:d6:cc:16:eb:45:19:b6:e5:b9Certificate

Extended Key Usages

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1cCertificate

Key Usages

31:38:63:bc:7c:01:dd:03:7e:16:97:ad:ce:ed:80:44Certificate

Extended Key Usages

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

c1:a0:90:de:1a:ad:6b:21:59:b5:b9:71:ad:6b:7e:00:8f:f9:1a:28Signer

Signature Validations

Verification

25-02-2021 23:18 Valid: true

Chain 1

Chain 2

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 120B

.data Size: 1024B - Virtual size: 1KB

.idata Size: 1024B - Virtual size: 688B

.reloc Size: 512B - Virtual size: 300B

.gentee Size: 79KB - Virtual size: 78KB

.rsrc Size: 10KB - Virtual size: 9KB

d4:06:9c:c2:6b:fc:90:d6:cc:16:eb:45:19:b6:e5:b9
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

31:38:63:bc:7c:01:dd:03:7e:16:97:ad:ce:ed:80:44
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

c1:a0:90:de:1a:ad:6b:21:59:b5:b9:71:ad:6b:7e:00:8f:f9:1a:28
Signer

25-02-2021 23:18
Valid: true

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 120B

.data
Size: 1024B - Virtual size: 1KB

.idata
Size: 1024B - Virtual size: 688B

.reloc
Size: 512B - Virtual size: 300B

.gentee
Size: 79KB - Virtual size: 78KB

.rsrc
Size: 10KB - Virtual size: 9KB