2762368c616f67afc9000f7ce2384b2771cbc23603062f2b8b013c5253d05536

Sharing

Copy URL Twitter E-mail

General

Target

2762368c616f67afc9000f7ce2384b2771cbc23603062f2b8b013c5253d05536
Size

30KB
MD5

d6191e12ba77587cea35235729119a93
SHA1

7b56c89ff44b6c75adbb26e0393f76837a89ab60
SHA256

2762368c616f67afc9000f7ce2384b2771cbc23603062f2b8b013c5253d05536
SHA512

32b6944f6f418a8120e8229fe7019d6b409d0023a18177488006194aa429f5f697528aca8a980d53241f9674000678a59d2595442637744289debe8c06c14e2c
SSDEEP

384:08dQ+hLJNbtsW05IgfK9r61LEL9paZKnMDGoGCJEF8ZpHuz:08vdN5GTe8LELEmM3EFiRm

Score

1^/10

Malware Config

Signatures

Files

2762368c616f67afc9000f7ce2384b2771cbc23603062f2b8b013c5253d05536
.exe windows x86

34e4990544e6af329049bfefb2c51ec8

Code Sign

22:d6:05:52:5f:df:27:a2:4d:d2:6e:0d:52:68:d2:23
Certificate

Issuer

CN=Kinco,O=HMI,1.2.840.113549.1.9.1=#0c0e6c696e7979406b696e636f2e636e

Not Before

28/04/2023, 01:52

Not After

31/12/2039, 23:59

Subject

CN=Kinco,O=HMI,1.2.840.113549.1.9.1=#0c0e6c696e7979406b696e636f2e636e

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:d5:10:4b:2d:7b:7c:d2:50:f6:54:91:4f:31:0c:a6:b4:94:e0:79:83:4d:27:d6:d4:e0:fc:39:63:49:d5:39
Signer

Actual PE Digest

11:d5:10:4b:2d:7b:7c:d2:50:f6:54:91:4f:31:0c:a6:b4:94:e0:79:83:4d:27:d6:d4:e0:fc:39:63:49:d5:39

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Kinco,O=HMI,1.2.840.113549.1.9.1=#0c0e6c696e7979406b696e636f2e636e

03/05/2023, 12:01
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcp60

?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??_7out_of_range@std@@6B@
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
??1out_of_range@std@@UAE@XZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

user32

DefWindowProcA
BeginPaint
EndPaint
PostQuitMessage
CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostMessageA
DestroyWindow

msvcrt

__getmainargs
_onexit
__dllonexit
_controlfp
__CxxFrameHandler
strrchr
_except_handler3
atoi
_access
strncpy
??2@YAPAXI@Z
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABQBD@Z
_CxxThrowException
memmove
free
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
sprintf
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

kernel32

LoadLibraryA
FreeLibrary
OutputDebugStringA
Sleep
GetProcAddress
WaitForSingleObject
OpenProcess
CreateThread
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34e4990544e6af329049bfefb2c51ec8

Code Sign

22:d6:05:52:5f:df:27:a2:4d:d2:6e:0d:52:68:d2:23Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

11:d5:10:4b:2d:7b:7c:d2:50:f6:54:91:4f:31:0c:a6:b4:94:e0:79:83:4d:27:d6:d4:e0:fc:39:63:49:d5:39Signer

Signature Validations

Verification

03/05/2023, 12:01 Valid: false

Headers

File Characteristics

Imports

msvcp60

user32

msvcrt

kernel32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 940B

.rsrc Size: 4KB - Virtual size: 3KB

22:d6:05:52:5f:df:27:a2:4d:d2:6e:0d:52:68:d2:23
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

11:d5:10:4b:2d:7b:7c:d2:50:f6:54:91:4f:31:0c:a6:b4:94:e0:79:83:4d:27:d6:d4:e0:fc:39:63:49:d5:39
Signer

03/05/2023, 12:01
Valid: false

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 940B

.rsrc
Size: 4KB - Virtual size: 3KB