General

Malware Config

Signatures

Files

• 240ff64b312acf203a1498a58801bf79ad99617e7dbf961c6a289531d1b7b39b

  .dll windows x64

  
  

  Code Sign

  1f:b8:fb:34:1b:ad:b8:8a:42:98:d8:3e:97:c5:85:21

  Certificate

  Issuer

  CN=SSD Western Digital Blue SA510 1 ТБ SATA (WDS100T3B0A)

  Not Before

  28-05-2023 12:56

  Not After

  29-05-2033 12:56

  Subject

  CN=SSD Western Digital Blue SA510 1 ТБ SATA (WDS100T3B0A)

  39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4

  Certificate

  Issuer

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  03-05-2023 00:00

  Not After

  02-08-2034 23:59

  Subject

  CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  02-05-2019 00:00

  Not After

  18-01-2038 23:59

  Subject

  CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  b2:ff:d9:28:86:32:15:60:7c:a2:6a:7f:7a:b3:b7:d7:86:2f:13:48:80:7f:f6:05:74:3a:5b:da:4b:9e:91:26

  Signer

  Actual PE Digest

  b2:ff:d9:28:86:32:15:60:7c:a2:6a:7f:7a:b3:b7:d7:86:2f:13:48:80:7f:f6:05:74:3a:5b:da:4b:9e:91:26

  Digest Algorithm

  sha256

  PE Digest Matches

  true

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  Exports

  Exports

  rundll

  Sections

  Size: 4KB - Virtual size: 11KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  Size: 512B - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  Size: 512B - Virtual size: 595B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 512B - Virtual size: 432B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .edata

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .idata

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .themida

  Size: - Virtual size: 3.7MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .boot

  Size: 1.4MB - Virtual size: 1.4MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ