8012fc5d50095169e92680bc7d2cb392[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

8012fc5d50095169e92680bc7d2cb392.bin
Size

464KB
MD5

2accdaa2764aa49a3a78d4d07485b6da
SHA1

60befb11b35d74d37b7ed1ce2986f330e139bf3c
SHA256

cb5ef68d4ff35c16e61cd5f9144545938e967515398862ba35b3bc51ed2d7d9c
SHA512

293c54372166e9dae371c5cbac28d4ba9ae40df5161341d793f14b31cdfb46a9a631ef6e1f60d91b2ebd23538321bca82994732a5beb7bb342687807acf0d25e
SSDEEP

12288:xHuGtIlHEQ5XSVoA2kYsgjO9hrrwA+OXamhQ1gJcR:5yEQ5iVhUeLR+f9CcR

Score

1^/10

Malware Config

Signatures

Files

8012fc5d50095169e92680bc7d2cb392.bin
.zip

Password: infected
5f5f78266fddd18f3db7791b4980df2d13184de9d1c5ac39c49751e25f83ca17.exe
.exe windows x64

Password: infected

397e37c9d4533f01f61af1a906ecbd5c

Code Sign

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

26-03-2019 17:44

Not After

22-03-2034 17:44

Subject

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

40:e2:7b:74:04:aa:9b:48:5f:8a:2f:c0:c8:e5:3a:f3
Certificate

Issuer

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

27-03-2023 15:32

Not After

26-03-2024 15:32

Subject

SERIALNUMBER=000 - 426 - 269,CN=Southern Wall Systems\, LLC,O=Southern Wall Systems\, LLC,L=Dothan,ST=Alabama,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#1307416c6162616d61,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

09-12-2022 18:30

Not After

06-12-2032 18:30

Subject

CN=SSL.com Timestamping Unit 2022,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

11-09-2018 09:26

Not After

11-09-2023 09:26

Subject

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13-11-2019 18:50

Not After

12-11-2034 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1e:9b:72:09:8e:0b:60:a4:37:bc:f0:35:4f:cf:7a:6b:96:53:b7:d5:bc:a1:b5:a1:fe:aa:2f:b4:a6:73:06:c5
Signer

Actual PE Digest

1e:9b:72:09:8e:0b:60:a4:37:bc:f0:35:4f:cf:7a:6b:96:53:b7:d5:bc:a1:b5:a1:fe:aa:2f:b4:a6:73:06:c5

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=000 - 426 - 269,CN=Southern Wall Systems\, LLC,O=Southern Wall Systems\, LLC,L=Dothan,ST=Alabama,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#1307416c6162616d61,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

19-04-2023 15:51
Valid: true

Chain 1

SERIALNUMBER=000 - 426 - 269,CN=Southern Wall Systems\, LLC,O=Southern Wall Systems\, LLC,L=Dothan,ST=Alabama,C=US,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.3.6.1.4.1.311.60.2.1.2=#1307416c6162616d61,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

RtlLookupFunctionEntry
RtlUnwindEx
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
RtlPcToFileHeader
ExitThread
CreateThread
HeapSize
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
GetStdHandle
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlCaptureContext
TerminateProcess
SetErrorMode
RtlVirtualUnwind
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetACP
FatalAppExitA
SetConsoleCtrlHandler
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetDateFormatA
GetTimeFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileA
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetAtomNameA
GetOEMCP
GetCPInfo
GetModuleFileNameW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
InitializeCriticalSection
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
CopyFileA
GlobalSize
FormatMessageA
LocalFree
MulDiv
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
GetTickCount
GlobalFree
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
CreateEventA
SuspendThread
SetEvent
WaitForSingleObject
ResumeThread
SetThreadPriority
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
lstrcmpA
GlobalAlloc
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
lstrcmpW
GetVersionExA
FreeResource
GlobalLock
GlobalUnlock
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
LoadLibraryA
GlobalGetAtomNameA
GlobalAddAtomA
SetLastError
GetLastError
lstrlenA
lstrcmpiA
lstrcmpiW
GetStringTypeExA
GetStringTypeExW
lstrlenW
CompareStringA
CompareStringW
GetEnvironmentVariableA
MultiByteToWideChar
GetVersion
GetEnvironmentVariableW
LoadResource
LockResource
SizeofResource
FindResourceA
WideCharToMultiByte
IsDebuggerPresent
ExitProcess

user32

GetMenuStringA
GetMenuItemInfoA
GetKeyNameTextA
MapVirtualKeyA
GetSysColorBrush
LoadCursorA
DeleteMenu
GetSystemMenu
SetParent
GetDCEx
LockWindowUpdate
SetCapture
DestroyIcon
CharNextA
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
GetDialogBaseUnits
UnregisterClassA
RegisterClipboardFormatA
SetWindowContextHelpId
MapDialogRect
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
GetCursorPos
WindowFromPoint
ClientToScreen
SetRect
ScrollWindowEx
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
IsChild
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassLongPtrA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
AppendMenuA
GetWindowLongPtrA
SetWindowLongPtrA
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
UnionRect
IsRectEmpty
GetWindowRect
GetDC
GetSystemMetrics
ReleaseDC
RegisterWindowMessageA
UnpackDDElParam
ReuseDDElParam
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
WinHelpA
SetWindowPos
SetFocus
GetWindowThreadProcessId
GetActiveWindow
MessageBoxA
UpdateWindow
EnableWindow
GetClientRect
InvalidateRect
SetTimer
IsWindowEnabled
GetFocus
EqualRect
GetDlgItem
SetWindowLongA
GetKeyState
GetDlgCtrlID
GetMenu
LoadIconA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
InsertMenuA
RemoveMenu
InflateRect
EndPaint
BeginPaint
GetWindowDC
FillRect
CreateDialogIndirectParamA
GetNextDlgTabItem
DestroyWindow
EndDialog
PtInRect
KillTimer
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
CharLowerW
CharLowerA
CharUpperW
CharUpperA
TranslateAcceleratorA
IsWindow
GetWindow
ShowWindow
GetWindowLongA
GetDesktopWindow
SetMenu
PostMessageA
BringWindowToTop
GetLastActivePopup
CopyRect
SetRectEmpty
OffsetRect
IntersectRect
GetClassInfoA
CreatePopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
InsertMenuItemA
SendMessageA
IsIconic
IsWindowVisible
SetActiveWindow
GetForegroundWindow

gdi32

ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
SetViewportExtEx
PlayMetaFile
GetDeviceCaps
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
PatBlt
CopyMetaFileA
CreateDCA
GetTextExtentPoint32A
GetTextColor
GetRgnBox
GetTextMetricsA
OffsetViewportOrgEx
SetViewportOrgEx
StartDocA
GetPixel
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
EnumMetaFile
GetMapMode
MoveToEx
LineTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
StretchDIBits
DeleteDC
GetObjectA
CreateFontA
SelectObject
GetCharWidthA
DeleteObject
BitBlt
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateCompatibleDC
LPtoDP
CreateCompatibleBitmap
GetWindowExtEx
GetViewportExtEx
DPtoLP
GetBkColor
SetTextAlign

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueA
GetFileSecurityA
SetFileSecurityA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA

shell32

DragQueryFileA
ExtractIconA
SHGetFileInfoA
DragFinish

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleIsCurrentClipboard
OleSetClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
ReadClassStg
OleFlushClipboard
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CLSIDFromString
CLSIDFromProgID
StringFromCLSID
CoTaskMemFree
CoRevokeClassObject
CoRegisterClassObject
CoLoadLibrary
CoCreateInstance
CoRegisterMessageFilter
StringFromGUID2
CreateStreamOnHGlobal
ReadFmtUserTypeStg
OleRun

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysFreeString
SysStringByteLen
SysStringLen
VariantCopy
SysAllocString
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
LoadTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate

Sections

.text
Size: 739KB - Virtual size: 739KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

397e37c9d4533f01f61af1a906ecbd5c

Code Sign

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04Certificate

Extended Key Usages

Key Usages

40:e2:7b:74:04:aa:9b:48:5f:8a:2f:c0:c8:e5:3a:f3Certificate

Extended Key Usages

Key Usages

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4bCertificate

Extended Key Usages

Key Usages

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1cCertificate

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

1e:9b:72:09:8e:0b:60:a4:37:bc:f0:35:4f:cf:7a:6b:96:53:b7:d5:bc:a1:b5:a1:fe:aa:2f:b4:a6:73:06:c5Signer

Signature Validations

Verification

19-04-2023 15:51 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 739KB - Virtual size: 739KB

.rdata Size: 239KB - Virtual size: 238KB

.data Size: 17KB - Virtual size: 40KB

.pdata Size: 56KB - Virtual size: 55KB

.rsrc Size: 41KB - Virtual size: 40KB

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

40:e2:7b:74:04:aa:9b:48:5f:8a:2f:c0:c8:e5:3a:f3
Certificate

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

e4:27:04:95:f6:8c:91:d6:d0:ec:7b:49:4e:a4:df:1c
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

1e:9b:72:09:8e:0b:60:a4:37:bc:f0:35:4f:cf:7a:6b:96:53:b7:d5:bc:a1:b5:a1:fe:aa:2f:b4:a6:73:06:c5
Signer

19-04-2023 15:51
Valid: true

.text
Size: 739KB - Virtual size: 739KB

.rdata
Size: 239KB - Virtual size: 238KB

.data
Size: 17KB - Virtual size: 40KB

.pdata
Size: 56KB - Virtual size: 55KB

.rsrc
Size: 41KB - Virtual size: 40KB