samples1 (1)[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

samples1 (1).exe
Size

962KB
MD5

4e7b7edca70f8be32e3168ee55dc505c
SHA1

9d0ffb63b35e00bf1b9a914e5dabf6a46bc9982a
SHA256

0ac6c480140e9422a1bdfd7367211529c559fd7eba9934cbcea5c2a8e2049c60
SHA512

d63727df5cefd86ff523d1ed42d481047457923051f258376afa489285b417c4509396c7f19cc654df60bece66496a3a9a26e144866923010cb1f83fa38fa5d9
SSDEEP

24576:BSXIVAUKhBAsKQjOo6J/kCKJ5mn1Df+1fmPvX98RQypcLrw2:UTUfsJj/o/kCKWVf+5EX98RQ1

Score

1^/10

Malware Config

Signatures

Files

samples1 (1).exe
.exe windows x86

8d9db6b6122e9660c9caebe183f9306f

Code Sign

Certificate

Issuer

CN=Thinkst Root CA,OU=Thinkst Applied Research CA,O=Thinkst Applied Research,C=ZA

Not Before

07/06/2023, 10:41

Not After

06/06/2033, 10:41

Subject

CN=Microsoft Windows,O=Microsoft Corporation,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageDataEncipherment
KeyUsageKeyAgreement

94:f2:d0:80:44:ae:ba:ad:51:d3:5c:3d:77:66:a9:74:68:99:13:79
Signer

Actual PE Digest

94:f2:d0:80:44:ae:ba:ad:51:d3:5c:3d:77:66:a9:74:68:99:13:79

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreatePropertySheetPageA
ord17
PropertySheetA

kernel32

GetComputerNameA
WriteFile
MoveFileA
SetFileTime
SetEndOfFile
SetFilePointer
GetModuleFileNameA
lstrcatA
CreateDirectoryA
MulDiv
GetCurrentDirectoryA
GetProcAddress
LoadLibraryA
FindClose
FindFirstFileA
FormatMessageA
ReadFile
GetCurrentProcess
GetVersionExA
GetTempPathA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
GetWindowsDirectoryA
GetShortPathNameA
MoveFileExA
GetVersion
LocalFileTimeToFileTime
GetFileAttributesA
lstrcmpiA
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FlushFileBuffers
RtlUnwind
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
SetStdHandle
WideCharToMultiByte
GetFileType
GetStdHandle
SetHandleCount
HeapReAlloc
VirtualAlloc
VirtualFree
GetDriveTypeA
CreateFileA
GetFileTime
CloseHandle
CompareFileTime
SetFileAttributesA
DeleteFileA
lstrcpyA
lstrlenA
GetTempFileNameA
GetLastError
SetLastError
DosDateTimeToFileTime
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetCommandLineA
GetStartupInfoA
HeapAlloc
HeapFree
GetTimeZoneInformation
GetSystemTime
GetLocalTime
MultiByteToWideChar
ExitProcess
TerminateProcess
GetModuleHandleA

user32

GetWindowTextA
MessageBoxA
IsWindow
PeekMessageA
IsDialogMessageA
TranslateMessage
ExitWindowsEx
UpdateWindow
GetDlgCtrlID
GetSysColor
GetSysColorBrush
SetWindowLongA
CheckDlgButton
wsprintfA
ShowWindow
GetParent
PostMessageA
LoadStringA
SetDlgItemTextA
GetDlgItemTextA
SendMessageA
GetDC
ReleaseDC
SendDlgItemMessageA
DestroyWindow
GetDlgItem
DispatchMessageA

gdi32

SetBkColor
GetDeviceCaps
CreateFontA
DeleteObject
SetTextColor

advapi32

RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey

shell32

SHBrowseForFolderA
SHGetDesktopFolder
SHGetPathFromIDListA
SHGetMalloc

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d9db6b6122e9660c9caebe183f9306f

Code Sign

Certificate

Extended Key Usages

Key Usages

94:f2:d0:80:44:ae:ba:ad:51:d3:5c:3d:77:66:a9:74:68:99:13:79Signer

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 56KB - Virtual size: 53KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 67KB

.rsrc Size: 8KB - Virtual size: 5KB

94:f2:d0:80:44:ae:ba:ad:51:d3:5c:3d:77:66:a9:74:68:99:13:79
Signer

.text
Size: 56KB - Virtual size: 53KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 67KB

.rsrc
Size: 8KB - Virtual size: 5KB