Malwarebytes Checker By PJ v1[.]1[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

Malwarebytes Checker By PJ v1.1.rar
Size

955KB
MD5

8bf2405ce79ecd6d4674973561dea1ee
SHA1

8554911db848f7ba27e175766a510f45d5113d4e
SHA256

301037e5a2b2da3f692ec0c269be54d88350740c42c4c059929457850f9edcc1
SHA512

5a03c12183b6d3cebdd1abd1f10c903b7a6204074d45331d76c2c06d9f00fff21b7f7dc867cb75457b6080f4fed69a61b417cb596be24578fc8104f8693f67a5
SSDEEP

24576:Mbqqp4Rg8o8C5eFyIMxtMoqGb0iKegm5G843:Qqqp04PgMcc09egSo

Score

7^/10

agilenet

Malware Config

Signatures

Obfuscated with Agile.Net obfuscator 1 IoCs

Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.

agilenet

resource	yara_rule
static1/unpack001/Malwarebytes Checker By PJ v1.1/Guna.UI2.dll	agile_net

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Malwarebytes Checker By PJ v1.1/Leaf.xNet.dll
unpack001/Malwarebytes Checker By PJ v1.1/Malwarebytes Checker By PJ v1.1.exe

Files

Malwarebytes Checker By PJ v1.1.rar
.rar

Password: vdrx6zdysxrxy75rst7u6u6
Malwarebytes Checker By PJ v1.1/Guna.UI2.dll
.dll windows x86

Password: vdrx6zdysxrxy75rst7u6u6

dae02f32a21e03ce65412f6e56942daa

Code Sign

7a:98:1b:7d:3e:b4:86:bb:45:84:c4:3c:c9:a8:3f:db
Certificate

Issuer

CN=Sobatdata Root CA

Not Before

23/10/2019, 05:22

Not After

22/10/2025, 17:00

Subject

CN=Sobatdata Software

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:c7:ea:b4:68:dc:cc:69:de:29:26:72:00:01:f2:82:5e:cb:27:08
Signer

Actual PE Digest

2b:c7:ea:b4:68:dc:cc:69:de:29:26:72:00:01:f2:82:5e:cb:27:08

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Sobatdata Software

09/08/2021, 13:05
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Malwarebytes Checker By PJ v1.1/Leaf.xNet.dll
.dll windows x86

Password: vdrx6zdysxrxy75rst7u6u6

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Malwarebytes Checker By PJ v1.1/Malwarebytes Checker By PJ v1.1.exe
.exe windows x86

Password: vdrx6zdysxrxy75rst7u6u6

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 415KB - Virtual size: 415KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Malwarebytes Checker By PJ v1.1/Result/Free[11-24-11_54].txt
Malwarebytes Checker By PJ v1.1/Screenshots/screenshots[psgy0sbf.ppd].png
.png

Sharing

General

Malware Config

Signatures

Files

Password: vdrx6zdysxrxy75rst7u6u6

Password: vdrx6zdysxrxy75rst7u6u6

dae02f32a21e03ce65412f6e56942daa

Code Sign

7a:98:1b:7d:3e:b4:86:bb:45:84:c4:3c:c9:a8:3f:dbCertificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

2b:c7:ea:b4:68:dc:cc:69:de:29:26:72:00:01:f2:82:5e:cb:27:08Signer

Signature Validations

Verification

09/08/2021, 13:05 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: vdrx6zdysxrxy75rst7u6u6

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 127KB - Virtual size: 126KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: vdrx6zdysxrxy75rst7u6u6

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 415KB - Virtual size: 415KB

.sdata Size: 512B - Virtual size: 312B

.rsrc Size: 111KB - Virtual size: 110KB

.reloc Size: 512B - Virtual size: 12B

7a:98:1b:7d:3e:b4:86:bb:45:84:c4:3c:c9:a8:3f:db
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

2b:c7:ea:b4:68:dc:cc:69:de:29:26:72:00:01:f2:82:5e:cb:27:08
Signer

09/08/2021, 13:05
Valid: false

.text
Size: 2.1MB - Virtual size: 2.1MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 127KB - Virtual size: 126KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 415KB - Virtual size: 415KB

.sdata
Size: 512B - Virtual size: 312B

.rsrc
Size: 111KB - Virtual size: 110KB

.reloc
Size: 512B - Virtual size: 12B