#JSFS-Setup-Pa$$W0rd-2024[.]zip

Resubmissions

18/07/2023, 16:35

230718-t3ym5acc55 10

18/07/2023, 16:30

230718-t1bqkscb94 10

Sharing

Copy URL Twitter E-mail

General

Target

#JSFS-Setup-Pa$$W0rd-2024.zip
Size

21.3MB
MD5

955d2e1c77cab778e8b137635f934136
SHA1

5c9f423c107ce5ab9d3f01583e4b26212d320ddf
SHA256

208315be1fd0baa195330eabc839fa3ff70e810a17fdc0a1bfa60d1bec1994ed
SHA512

7756a48afe757bc411d36e0f4b9648fccb7cea3c187286d62db67325df78966dcc87b998658f4a4cbc6c38ac9da65a5f0f5055bb8ace17fdb94a0afe8c437b00
SSDEEP

393216:PD0rSaKI75nWEcA8rFkvp6cAmr/2jwtGd32YmDG2EIGHnqj5dF:b0rSU75ntMFGp6BQzDlEIHtH

Score

1^/10

Malware Config

Signatures

Files

#JSFS-Setup-Pa$$W0rd-2024.zip
.zip

Password: 2024
#JSFS-Setup-Pa$$W0rd-2024/!@#Setups-Pa$$W0rd-2024.rar
.rar

Password: 2024
!@#Setup-Pa$$W0rd-2024/The-Activated-Setup1.exe
.exe windows x64

Password: 2024

349ad6ed7592b66bc5d63a8931001fa9

Code Sign

0a:91:f3:b6:84:1e:24:78:6b:a2:68:d1:45:dc:a1:44
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/07/2020, 00:00

Not After

09/08/2023, 12:00

Subject

SERIALNUMBER=1027739867473,CN=Kaspersky Lab JSC,OU=Kaspersky Lab,O=Kaspersky Lab JSC,L=Moscow,C=RU,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025255

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1a:cc:0c:ca:0c:2c:b1:40:61:6e:db:ac:81:b9:6e
Certificate

Issuer

CN=Kaspersky Lab,O=Kaspersky Lab,L=Moscow,C=RU

Not Before

25/08/2021, 14:06

Not After

25/08/2036, 14:06

Subject

CN=Kaspersky Lab,O=Kaspersky Lab,L=Moscow,C=RU

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b5:63:b0:42:e3:c5:c5:54:00:da:6c:5f:b0:09:10:d6:bf:5a:f3:cc:88:10:35:c3:7d:55:f6:1c:8e:38:08:8c
Signer

Actual PE Digest

b5:63:b0:42:e3:c5:c5:54:00:da:6c:5f:b0:09:10:d6:bf:5a:f3:cc:88:10:35:c3:7d:55:f6:1c:8e:38:08:8c

Digest Algorithm

sha256

PE Digest Matches

false

b5:63:b0:42:e3:c5:c5:54:00:da:6c:5f:b0:09:10:d6:bf:5a:f3:cc:88:10:35:c3:7d:55:f6:1c:8e:38:08:8c
Signer

Actual PE Digest

b5:63:b0:42:e3:c5:c5:54:00:da:6c:5f:b0:09:10:d6:bf:5a:f3:cc:88:10:35:c3:7d:55:f6:1c:8e:38:08:8c

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
AcquireSRWLockExclusive
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

msvcrt

__getmainargs

ntdll

NtCancelIoFileEx
NtCreateFile

advapi32

AllocateAndInitializeSid

bcrypt

BCryptGenRandom

crypt32

CertAddCertificateContextToStore

iphlpapi

FreeMibTable

netapi32

NetApiBufferFree

ole32

CoCreateInstance

oleaut32

GetErrorInfo

pdh

PdhAddEnglishCounterW

powrprof

CallNtPowerInformation

secur32

AcceptSecurityContext

shell32

CommandLineToArgvW

user32

MessageBoxW

ws2_32

WSACleanup

psapi

GetModuleFileNameExW

Sections

.text
Size: - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 736B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.obam0
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obam1
Size: - Virtual size: 15.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.obam2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.obam3
Size: 25.6MB - Virtual size: 25.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
#JSFS-Setup-Pa$$W0rd-2024/Readme.txt

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: 2024

Password: 2024

Password: 2024

349ad6ed7592b66bc5d63a8931001fa9

Code Sign

0a:91:f3:b6:84:1e:24:78:6b:a2:68:d1:45:dc:a1:44Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

1a:cc:0c:ca:0c:2c:b1:40:61:6e:db:ac:81:b9:6eCertificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

b5:63:b0:42:e3:c5:c5:54:00:da:6c:5f:b0:09:10:d6:bf:5a:f3:cc:88:10:35:c3:7d:55:f6:1c:8e:38:08:8cSigner

b5:63:b0:42:e3:c5:c5:54:00:da:6c:5f:b0:09:10:d6:bf:5a:f3:cc:88:10:35:c3:7d:55:f6:1c:8e:38:08:8cSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

advapi32

bcrypt

crypt32

iphlpapi

netapi32

ole32

oleaut32

pdh

powrprof

secur32

shell32

user32

ws2_32

psapi

Sections

.text Size: - Virtual size: 1.0MB

.data Size: - Virtual size: 624B

.rdata Size: - Virtual size: 407KB

.pdata Size: - Virtual size: 29KB

.xdata Size: - Virtual size: 35KB

.bss Size: - Virtual size: 736B

.idata Size: - Virtual size: 9KB

.CRT Size: - Virtual size: 112B

.tls Size: - Virtual size: 16B

.obam0 Size: - Virtual size: 17KB

.obam1 Size: - Virtual size: 15.0MB

.obam2 Size: 4KB - Virtual size: 3KB

.obam3 Size: 25.6MB - Virtual size: 25.6MB

.reloc Size: 512B - Virtual size: 240B

.rsrc Size: 17KB - Virtual size: 17KB

0a:91:f3:b6:84:1e:24:78:6b:a2:68:d1:45:dc:a1:44
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

1a:cc:0c:ca:0c:2c:b1:40:61:6e:db:ac:81:b9:6e
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

b5:63:b0:42:e3:c5:c5:54:00:da:6c:5f:b0:09:10:d6:bf:5a:f3:cc:88:10:35:c3:7d:55:f6:1c:8e:38:08:8c
Signer

b5:63:b0:42:e3:c5:c5:54:00:da:6c:5f:b0:09:10:d6:bf:5a:f3:cc:88:10:35:c3:7d:55:f6:1c:8e:38:08:8c
Signer

.text
Size: - Virtual size: 1.0MB

.data
Size: - Virtual size: 624B

.rdata
Size: - Virtual size: 407KB

.pdata
Size: - Virtual size: 29KB

.xdata
Size: - Virtual size: 35KB

.bss
Size: - Virtual size: 736B

.idata
Size: - Virtual size: 9KB

.CRT
Size: - Virtual size: 112B

.tls
Size: - Virtual size: 16B

.obam0
Size: - Virtual size: 17KB

.obam1
Size: - Virtual size: 15.0MB

.obam2
Size: 4KB - Virtual size: 3KB

.obam3
Size: 25.6MB - Virtual size: 25.6MB

.reloc
Size: 512B - Virtual size: 240B

.rsrc
Size: 17KB - Virtual size: 17KB