96e65bac2f3905a35b3fdc79bcb1e607555e4980ea5767b46344a8a405faea96

Sharing

Copy URL Twitter E-mail

General

Target

96e65bac2f3905a35b3fdc79bcb1e607555e4980ea5767b46344a8a405faea96
Size

2.6MB
MD5

4ae3b492b94350e52c6dd98e5423c87c
SHA1

d828a64c58531d16d79a8daf2d71f7b909d217f3
SHA256

96e65bac2f3905a35b3fdc79bcb1e607555e4980ea5767b46344a8a405faea96
SHA512

04ac710a51c4fd7a6117c94e2b9019547aa0e15881a96314e6b5d0fc1aaa0cdf24afdacf66864df520834b7197335734bf0c94116ac5e21dd62b943e49da052f
SSDEEP

49152:VvH/K8AMNDjb3RXnwyU1vnggbRaiGcECiL:dH4MF3Yngg4i7Jm

Score

1^/10

Malware Config

Signatures

Files

96e65bac2f3905a35b3fdc79bcb1e607555e4980ea5767b46344a8a405faea96
.exe windows x86

4035d2883e01d64f3e7a9dccb1d63af5

Code Sign

26:c9:6a:4b:5d:b5:52:8e:47:ad:67:10:e4:a4:ca:12
Certificate

Issuer

CN=Integrity

Not Before

01/01/2023, 08:00

Not After

01/01/2029, 08:00

Subject

CN=Integrity

Extended Key Usages

ExtKeyUsageCodeSigning

96:4e:87:33:cd:4f:a1:d4:16:88:cc:ea:5a:d4:6d:1a:92:4e:6d:85
Signer

Actual PE Digest

96:4e:87:33:cd:4f:a1:d4:16:88:cc:ea:5a:d4:6d:1a:92:4e:6d:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
Sleep
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
PostQueuedCompletionStatus
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 853KB - Virtual size: 852KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 838KB - Virtual size: 838KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 281B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 512B - Virtual size: 48B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/65
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 170KB - Virtual size: 169KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/90
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4035d2883e01d64f3e7a9dccb1d63af5

Code Sign

26:c9:6a:4b:5d:b5:52:8e:47:ad:67:10:e4:a4:ca:12Certificate

Extended Key Usages

96:4e:87:33:cd:4f:a1:d4:16:88:cc:ea:5a:d4:6d:1a:92:4e:6d:85Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 853KB - Virtual size: 852KB

.rdata Size: 838KB - Virtual size: 838KB

.data Size: 89KB - Virtual size: 224KB

/4 Size: 512B - Virtual size: 281B

/19 Size: 166KB - Virtual size: 166KB

/32 Size: 32KB - Virtual size: 32KB

/46 Size: 512B - Virtual size: 48B

/65 Size: 270KB - Virtual size: 270KB

/78 Size: 170KB - Virtual size: 169KB

/90 Size: 56KB - Virtual size: 56KB

.idata Size: 1024B - Virtual size: 982B

.reloc Size: 66KB - Virtual size: 66KB

.symtab Size: 134KB - Virtual size: 134KB

26:c9:6a:4b:5d:b5:52:8e:47:ad:67:10:e4:a4:ca:12
Certificate

96:4e:87:33:cd:4f:a1:d4:16:88:cc:ea:5a:d4:6d:1a:92:4e:6d:85
Signer

.text
Size: 853KB - Virtual size: 852KB

.rdata
Size: 838KB - Virtual size: 838KB

.data
Size: 89KB - Virtual size: 224KB

/4
Size: 512B - Virtual size: 281B

/19
Size: 166KB - Virtual size: 166KB

/32
Size: 32KB - Virtual size: 32KB

/46
Size: 512B - Virtual size: 48B

/65
Size: 270KB - Virtual size: 270KB

/78
Size: 170KB - Virtual size: 169KB

/90
Size: 56KB - Virtual size: 56KB

.idata
Size: 1024B - Virtual size: 982B

.reloc
Size: 66KB - Virtual size: 66KB

.symtab
Size: 134KB - Virtual size: 134KB