LAPTOP-LU3D0RQ9_2023-06-08_13_36_41[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

LAPTOP-LU3D0RQ9_2023-06-08_13_36_41.zip
Size

11KB
MD5

4e9ad22f78293610972c653b03837213
SHA1

4d305042542589ffb701879aa08c9418fb330d1c
SHA256

ed66ed0cd2ddd0cfb8f946f7dd3d6f2a7b40caef09ae7e605f19fba9815acee0
SHA512

a7d23a1daf0092d768874aa23f9b4b6d20e51b9f85e385a21c719a3b2b83d18a8f554836ee06c11e53a542d1877a2f2c9f9f2cea2235d5b742aecc99b5447366
SSDEEP

192:NshWSn2skqzPe1aimfKNW8PKzCCAAAohvqg/SMwzECb0AqUDJTOCiGLBVQFZMwWN:NshW2RfefAAo8g/nAD9TLYVhFrDxCPck

Score

1^/10

Malware Config

Signatures

Files

LAPTOP-LU3D0RQ9_2023-06-08_13_36_41.zip
.zip

Password: Infected1234
Device/HarddiskVolume3/Users/RozaFitriawati.LOGOS/AppData/Local/OEM/Hermes/adunits/12209a3301-230527/adunit/FoEAdHoc.exe
.exe windows x86

Password: Infected1234

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

35:b3:1c:79:09:3d:ee:6b:91:d3:d6:b2
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

27/10/2022, 07:54

Not After

25/12/2023, 07:46

Subject

SERIALNUMBER=20828393,CN=Acer Incorporated,O=Acer Incorporated,STREET=7F.-5\, No. 369\, Fuxing N. Rd.\, Minfu Vil.\, Songshan Dist.,L=Taipei,ST=Taipei,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

de:82:87:d6:45:6a:ea:18:36:e6:14:b4:9d:d9:fe:0d:56:7f:65:46:bc:6a:fc:7c:1b:9f:c7:05:e9:65:15:8a
Signer

Actual PE Digest

de:82:87:d6:45:6a:ea:18:36:e6:14:b4:9d:d9:fe:0d:56:7f:65:46:bc:6a:fc:7c:1b:9f:c7:05:e9:65:15:8a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

Password: Infected1234

Password: Infected1234

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

35:b3:1c:79:09:3d:ee:6b:91:d3:d6:b2Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

de:82:87:d6:45:6a:ea:18:36:e6:14:b4:9d:d9:fe:0d:56:7f:65:46:bc:6a:fc:7c:1b:9f:c7:05:e9:65:15:8aSigner

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

35:b3:1c:79:09:3d:ee:6b:91:d3:d6:b2
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

de:82:87:d6:45:6a:ea:18:36:e6:14:b4:9d:d9:fe:0d:56:7f:65:46:bc:6a:fc:7c:1b:9f:c7:05:e9:65:15:8a
Signer

.text
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B