4f8220780e622a6dad95e65c4f24222b07b983918c82b654e47b02d3bfca774f

Sharing

Copy URL

Twitter E-mail

General

Target

4f8220780e622a6dad95e65c4f24222b07b983918c82b654e47b02d3bfca774f
Size

3.0MB
MD5

a9a7136b94d1907ced757cd3692cc053
SHA1

5911f9dd4d54a1914f1acf5cb922d78d71dda739
SHA256

4f8220780e622a6dad95e65c4f24222b07b983918c82b654e47b02d3bfca774f
SHA512

9fe09e56000a6f9e5a03cb0a0ffa51fb503e58024951f0de328adae4ce960465a02a514dd6ff0c126181d1fd1bba76da2d5eca127741260d4373db601d028172
SSDEEP

49152:Lihb/45IX2g/DJY2+3M+zBKjp5uV+8H3IKojqkJn4OrsuRliVpscMjTXhLd5/Sv/:LihhX2mJY2+3MIDV+gXonpbRluPMj7rE

Score

1^/10

Malware Config

Signatures

Files

4f8220780e622a6dad95e65c4f24222b07b983918c82b654e47b02d3bfca774f
.exe windows x86

36931dcefeb26f32aa1f4ff6c891684d

Code Sign

6e:c7:d0:b8:d8:e8:20:8e:42:35:f4:ae:ed:ad:59:27
Certificate

Issuer

CN=Acer Nitro USA AN517-58 [AN517-75-77M3]

Not Before

24/01/2023, 11:23

Not After

25/01/2033, 11:23

Subject

CN=Acer Nitro USA AN517-58 [AN517-75-77M3]

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:b4:02:95:8e:26:9b:a0:c1:3a:b7:71:9e:00:8a:f7:0f:45:69:93:2b:08:c9:da:f9:d8:28:6a:de:7d:97:82
Signer

Actual PE Digest

cf:b4:02:95:8e:26:9b:a0:c1:3a:b7:71:9e:00:8a:f7:0f:45:69:93:2b:08:c9:da:f9:d8:28:6a:de:7d:97:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetSystemMetrics

gdi32

CreateCompatibleBitmap

advapi32

RegCloseKey

shell32

SHGetFolderPathA

wininet

HttpOpenRequestA

gdiplus

GdipSaveImageToFile

Sections

.MPRESS1
Size: 2.9MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

36931dcefeb26f32aa1f4ff6c891684d

Code Sign

6e:c7:d0:b8:d8:e8:20:8e:42:35:f4:ae:ed:ad:59:27Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

cf:b4:02:95:8e:26:9b:a0:c1:3a:b7:71:9e:00:8a:f7:0f:45:69:93:2b:08:c9:da:f9:d8:28:6a:de:7d:97:82Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

wininet

gdiplus

Sections

.MPRESS1 Size: 2.9MB - Virtual size: 4.7MB

.MPRESS2 Size: 3KB - Virtual size: 3KB

.rsrc Size: 28KB - Virtual size: 28KB

6e:c7:d0:b8:d8:e8:20:8e:42:35:f4:ae:ed:ad:59:27
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

cf:b4:02:95:8e:26:9b:a0:c1:3a:b7:71:9e:00:8a:f7:0f:45:69:93:2b:08:c9:da:f9:d8:28:6a:de:7d:97:82
Signer

.MPRESS1
Size: 2.9MB - Virtual size: 4.7MB

.MPRESS2
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 28KB - Virtual size: 28KB