@Jelouad_easy[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

@Jelouad_easy.exe
Size

13.0MB
MD5

5f275cc6a9841b74b4364b63a778a1e8
SHA1

708c8789c5e979000e991e1160b0ef917c18f715
SHA256

d003e279d58c9251db13ce67984b6369862789bc75e78f06c54fdcfa5f282016
SHA512

6537a2912c7c24766d57ee1bec7408f3b3219de0ea38af76b97c92316783c16ed1f000c0773f851c9b88641a44981a461b03cc1d69b80bd0d30d95a1a898877a
SSDEEP

6144:aTJcGReSCcfSNB3t2wf9zV7Dgy0SxZZpWdqAX:oJcGReSCFB3Iwf9zVDR1ZwlX

Score

1^/10

Malware Config

Signatures

Files

@Jelouad_easy.exe
.exe windows x86

4702929088abf05768d9241bcca6fcd3

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/03/2023, 18:43

Not After

14/03/2024, 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:e2:29:fe:14:35:70:74:b6:6a:98:f8:0b:49:59:7c
Certificate

Issuer

CN=C2RService,O=C2RService,L=Redmond,ST=Washington,C=US

Not Before

17/02/2017, 00:12

Not After

31/12/2039, 23:59

Subject

CN=C2RService,O=C2RService,L=Redmond,ST=Washington,C=US

58:1b:31:9a:af:3d:1e:ff:b5:10:c0:e2:31:a1:47:7d:3d:2f:42:c9:f4:56:75:d7:d5:0b:00:5a:c3:28:ab:88
Signer

Actual PE Digest

58:1b:31:9a:af:3d:1e:ff:b5:10:c0:e2:31:a1:47:7d:3d:2f:42:c9:f4:56:75:d7:d5:0b:00:5a:c3:28:ab:88

Digest Algorithm

sha256

PE Digest Matches

false

58:1b:31:9a:af:3d:1e:ff:b5:10:c0:e2:31:a1:47:7d:3d:2f:42:c9:f4:56:75:d7:d5:0b:00:5a:c3:28:ab:88
Signer

Actual PE Digest

58:1b:31:9a:af:3d:1e:ff:b5:10:c0:e2:31:a1:47:7d:3d:2f:42:c9:f4:56:75:d7:d5:0b:00:5a:c3:28:ab:88

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
MultiByteToWideChar
DeleteAtom
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetCommandLineA
GetLastError
HeapFree
LCMapStringA
WideCharToMultiByte
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
HeapAlloc
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryA
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
GetLocaleInfoW
CreateFileA

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kMJcf
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4702929088abf05768d9241bcca6fcd3

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4eCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

15:e2:29:fe:14:35:70:74:b6:6a:98:f8:0b:49:59:7cCertificate

58:1b:31:9a:af:3d:1e:ff:b5:10:c0:e2:31:a1:47:7d:3d:2f:42:c9:f4:56:75:d7:d5:0b:00:5a:c3:28:ab:88Signer

58:1b:31:9a:af:3d:1e:ff:b5:10:c0:e2:31:a1:47:7d:3d:2f:42:c9:f4:56:75:d7:d5:0b:00:5a:c3:28:ab:88Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 85KB - Virtual size: 84KB

.kMJcf Size: 16KB - Virtual size: 16KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 144KB - Virtual size: 151KB

.rsrc Size: 2KB - Virtual size: 1KB

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

15:e2:29:fe:14:35:70:74:b6:6a:98:f8:0b:49:59:7c
Certificate

58:1b:31:9a:af:3d:1e:ff:b5:10:c0:e2:31:a1:47:7d:3d:2f:42:c9:f4:56:75:d7:d5:0b:00:5a:c3:28:ab:88
Signer

58:1b:31:9a:af:3d:1e:ff:b5:10:c0:e2:31:a1:47:7d:3d:2f:42:c9:f4:56:75:d7:d5:0b:00:5a:c3:28:ab:88
Signer

.text
Size: 85KB - Virtual size: 84KB

.kMJcf
Size: 16KB - Virtual size: 16KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 144KB - Virtual size: 151KB

.rsrc
Size: 2KB - Virtual size: 1KB