DigitalLicense[.]bin[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

DigitalLicense.bin.zip
Size

1.3MB
MD5

bcc628f81f983b472962c72f90b1d564
SHA1

fba2dacd4d9ee8467c8c493511fd2faedb1982cd
SHA256

b605417efc9345c3b16dfaaef0d5da458d53ebbf8dbc98d31e94693606e8f4a2
SHA512

d63d22ad6b11ef5e50e0b73dc48d71d2297e0daa179524db1ffdb1e56fd27bf7ce471230b6c871c1427413417957e6e4fb84a75783186937401ac7ade6dee8df
SSDEEP

24576:qjm52/AH60IuddKPHbvxHmnLPa8TpcH9xcLPBJDrAoiy8qWqXAVLck3nsvpT6B:qjA9pddKPHbvxaLPa86H9xcnAZ5pnAQB

Score

1^/10

Malware Config

Signatures

Files

DigitalLicense.bin.zip
.zip

Password: infected
DigitalLicense.bin
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

50:72:3d:5d:43:14:53:6b:bc:97:1f:cb:ad:97:03:d8
Certificate

Issuer

CN=AGSoft,ST=beijing,C=china,1.2.840.113549.1.9.1=#0c137765626d6173746572406d6963726f736f6674

Not Before

31/05/2018, 19:41

Not After

31/12/2079, 16:00

Subject

CN=AGSoft,ST=beijing,C=china,1.2.840.113549.1.9.1=#0c137765626d6173746572406d6963726f736f6674

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:b2:52:08:ab:0e:6e:cf:2f:ee:fa:e3:71:0f:d1:28:06:c6:3a:db:79:87:b6:63:36:e0:90:b5:72:90:b2:87
Signer

Actual PE Digest

45:b2:52:08:ab:0e:6e:cf:2f:ee:fa:e3:71:0f:d1:28:06:c6:3a:db:79:87:b6:63:36:e0:90:b5:72:90:b2:87

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=AGSoft,ST=beijing,C=china,1.2.840.113549.1.9.1=#0c137765626d6173746572406d6963726f736f6674

08/06/2018, 16:27
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

50:72:3d:5d:43:14:53:6b:bc:97:1f:cb:ad:97:03:d8Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

45:b2:52:08:ab:0e:6e:cf:2f:ee:fa:e3:71:0f:d1:28:06:c6:3a:db:79:87:b6:63:36:e0:90:b5:72:90:b2:87Signer

Signature Validations

Verification

08/06/2018, 16:27 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.reloc Size: 512B - Virtual size: 12B

.rsrc Size: 52KB - Virtual size: 51KB

50:72:3d:5d:43:14:53:6b:bc:97:1f:cb:ad:97:03:d8
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

45:b2:52:08:ab:0e:6e:cf:2f:ee:fa:e3:71:0f:d1:28:06:c6:3a:db:79:87:b6:63:36:e0:90:b5:72:90:b2:87
Signer

08/06/2018, 16:27
Valid: false

.text
Size: 1.9MB - Virtual size: 1.9MB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 52KB - Virtual size: 51KB