Image_2_RGB[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

Image_2_RGB.exe
Size

878KB
MD5

338733d6773170510de8fb0b98476b89
SHA1

668fc8acceb4648ca7ccf1c20e0467587b7607ee
SHA256

69be550753c507e24141804e506421fe8c055537e29e7ae31ec55abfb7319cfc
SHA512

1d09cd062f25c0240a5103680875385612b6d4fd008e86c48543b74ab7e1e712c6ed1cfbf312ba9af98be845c708102da0366f09f9d84358ae5b06bf94dd868a
SSDEEP

24576:rTqRq8V4BZppfPO1VHCB84xqbDGCz76gvdJqaBe:vyMBZ7P8VHCbcD7z76gv3Te

Score

1^/10

Malware Config

Signatures

Files

Image_2_RGB.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

61:b4:f7:c9:44:9f:f1:82:4b:73:d3:1a:4d:ce:87:ec
Certificate

Issuer

CN=PYROMA-LP\\radzo

Not Before

13/08/2021, 17:49

Not After

13/08/2022, 23:49

Subject

CN=PYROMA-LP\\radzo

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

49:5b:21:cb:93:68:dc:1a:31:fa:2c:c8:f6:12:8a:44:25:f1:fe:ab:67:b5:2c:86:67:12:40:24:e7:59:b1:c5
Signer

Actual PE Digest

49:5b:21:cb:93:68:dc:1a:31:fa:2c:c8:f6:12:8a:44:25:f1:fe:ab:67:b5:2c:86:67:12:40:24:e7:59:b1:c5

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=PYROMA-LP\\radzo

30/03/2023, 10:56
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 832KB - Virtual size: 831KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

61:b4:f7:c9:44:9f:f1:82:4b:73:d3:1a:4d:ce:87:ecCertificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

49:5b:21:cb:93:68:dc:1a:31:fa:2c:c8:f6:12:8a:44:25:f1:fe:ab:67:b5:2c:86:67:12:40:24:e7:59:b1:c5Signer

Signature Validations

Verification

30/03/2023, 10:56 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 832KB - Virtual size: 831KB

.rsrc Size: 40KB - Virtual size: 40KB

.reloc Size: 512B - Virtual size: 12B

61:b4:f7:c9:44:9f:f1:82:4b:73:d3:1a:4d:ce:87:ec
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

49:5b:21:cb:93:68:dc:1a:31:fa:2c:c8:f6:12:8a:44:25:f1:fe:ab:67:b5:2c:86:67:12:40:24:e7:59:b1:c5
Signer

30/03/2023, 10:56
Valid: false

.text
Size: 832KB - Virtual size: 831KB

.rsrc
Size: 40KB - Virtual size: 40KB

.reloc
Size: 512B - Virtual size: 12B