34b39ea9010131343325a0a60b420cee9ec17fff0fd1807aaf1c0b48d79c1169

Sharing

Copy URL

Twitter E-mail

General

Target

34b39ea9010131343325a0a60b420cee9ec17fff0fd1807aaf1c0b48d79c1169
Size

98KB
MD5

e381c9a39bf49ce6a045d106ac8dad63
SHA1

d95d573c17b512d28bf24dfff43f45345fd2faf0
SHA256

34b39ea9010131343325a0a60b420cee9ec17fff0fd1807aaf1c0b48d79c1169
SHA512

36d3e86ba5677f6cf49b6f3afd7a5cac1ee1db177ada1a7afd5b97aa34bcca127cbc383acae90c32f9026ba5357ee98e8bfab12397fde88eb6a3fb6f8bb2ebfd
SSDEEP

1536:qTXSYCipNeBYbR8fFegKhEj/mwExhHN3gLsWRcdZLlBcRVe2zhSgN6p1x:qTiY4BGR8fAhEs9g+ZLlBc3e2zN6pP

Score

1^/10

Malware Config

Signatures

Files

34b39ea9010131343325a0a60b420cee9ec17fff0fd1807aaf1c0b48d79c1169
.dll windows x86

8fa75f7afb42b40de04bff3ee798506a

Code Sign

23:b7:6d:e3:c1:bb:2b:1a:51:96:1e:08:ea:b7:64:e8
Certificate

Issuer

CN=USERTrust ECC Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

30/01/2020, 00:00

Not After

29/01/2030, 23:59

Subject

CN=ZeroSSL ECC Domain Secure Site CA,O=ZeroSSL,C=AT

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

56:67:1d:04:ea:4f:99:4c:6f:10:81:47:59:d2:75:94
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12/03/2019, 00:00

Not After

31/12/2028, 23:59

Subject

CN=USERTrust ECC Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3c:ba:f9:47:e5:bb:3c:96:0a:95:d2:3d:7c:43:8a:c0
Certificate

Issuer

CN=ZeroSSL ECC Domain Secure Site CA,O=ZeroSSL,C=AT

Not Before

14/08/2023, 00:00

Not After

12/11/2023, 23:59

Subject

CN=cajkvkababva.com

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth

Key Usages

KeyUsageDigitalSignature

75:9d:3e:d7:cf:b8:8f:73:42:e0:a0:2a:56:a7:2b:88:c6:40:61:a4:48:88:8b:4b:88:fb:78:68:de:21:68:09
Signer

Actual PE Digest

75:9d:3e:d7:cf:b8:8f:73:42:e0:a0:2a:56:a7:2b:88:c6:40:61:a4:48:88:8b:4b:88:fb:78:68:de:21:68:09

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GetCommandLineA
GetModuleFileNameA
Process32NextW
ExitProcess
Sleep
WriteConsoleW
CloseHandle
Process32FirstW
CreateProcessA
CreateToolhelp32Snapshot
CreateFileW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
DecodePointer

advapi32

CheckTokenMembership
AllocateAndInitializeSid
FreeSid

shlwapi

PathRemoveFileSpecA

Exports

Exports

CreateIUriBuilder
CreateStringHashN
CreateUri
CreateUriFromMultiByteString
CreateUriPriv
CreateUriWithFragment
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
DoBroadcastSystemMessage
DoCommandLinePrompt
DoPasswordDialog
DoProfileErrorDialog
FastMimeGetFileExtension
FastMimeGetIsMimeFilterEnabled
FastMimeLookupKnownType
FastMimeSetIsMimeFilterEnabled
GetIDNSettingsForIE
GetIUriPriv
GetIUriPriv2
GetPortFromUrlScheme
GetPropertyFromName
GetPropertyName
IEGetFrameUtilExports
IEGetProcessModule
IEGetTabWindowExports
IUriBuilderInternalCreateDomain
I_MprSaveConn
ImpersonateUser
IntlPercentEncodeNormalize
IsDWORDProperty
IsStringProperty
MultinetGetConnectionPerformanceA
MultinetGetConnectionPerformanceW
MultinetGetErrorTextA
MultinetGetErrorTextW
OutOfProcessExceptionEventCallback
OutOfProcessExceptionEventDebuggerLaunchCallback
OutOfProcessExceptionEventSignatureCallback
PrivateCoInternetCanonicalizeIUri
PrivateCoInternetCombineIUri
PrivateCoInternetParseIUri
ResetIDNLanguageData
ResetIEExtensibility
ResetIERegistrySettings
RetiredOrdinal
RevertImpersonate
ShowReconnectDialog
ShowReconnectDialogEnd
ShowReconnectDialogUI
UriFromHostAndScheme
WNetAddConnection2A
WNetAddConnection2W
WNetAddConnection3A
WNetAddConnection3W
WNetAddConnection4A
WNetAddConnection4W
WNetAddConnectionA
WNetAddConnectionW
WNetCancelConnection2A
WNetCancelConnection2W
WNetCancelConnectionA
WNetCancelConnectionW
WNetClearConnections
WNetCloseEnum
WNetConnectionDialog
WNetConnectionDialog1A
WNetConnectionDialog1W
WNetConnectionDialog2
WNetDirectoryNotifyA
WNetDirectoryNotifyW
WNetDisconnectDialog
WNetDisconnectDialog1A
WNetDisconnectDialog1W
WNetDisconnectDialog2
WNetEnumResourceA
WNetEnumResourceW
WNetFormatNetworkNameA
WNetFormatNetworkNameW
WNetGetConnection2A
WNetGetConnection2W
WNetGetConnection3A
WNetGetConnection3W
WNetGetConnectionA
WNetGetConnectionW
WNetGetDirectoryTypeA
WNetGetDirectoryTypeW
WNetGetLastErrorA
WNetGetLastErrorW
WNetGetNetworkInformationA
WNetGetNetworkInformationW
WNetGetPropertyTextA
WNetGetPropertyTextW
WNetGetProviderNameA
WNetGetProviderNameW
WNetGetProviderTypeA
WNetGetProviderTypeW
WNetGetResourceInformationA
WNetGetResourceInformationW
WNetGetResourceParentA
WNetGetResourceParentW
WNetGetSearchDialog
WNetGetUniversalNameA
WNetGetUniversalNameW
WNetGetUserA
WNetGetUserW
WNetLogonNotify
WNetOpenEnumA
WNetOpenEnumW
WNetPasswordChangeNotify
WNetPropertyDialogA
WNetPropertyDialogW
WNetRestoreAllConnectionsW
WNetRestoreSingleConnectionW
WNetSetConnectionA
WNetSetConnectionW
WNetSetLastErrorA
WNetSetLastErrorW
WNetSupportGlobalEnum
WNetUseConnection4A
WNetUseConnection4W
WNetUseConnectionA
WNetUseConnectionW
a100
a101
a102
a110
a111
a112
a123
a124
a125
a126
a127
a128
a129
a130
a134
a135
a137
a138
a139
a140
a141
a142
a143
a144
a146
a147
a148
a149
a150
a151
a152
a153
a154
a155
a156
a157
a158
a159
a16
a160
a161
a162
a163
a164
a165
a166
a167
a168
a169
a17
a170
a171
a172
a173
a174
a175
a176
a177
a178
a18
a19
a20
a200
a201
a202
a203
a204
a205
a206
a207
a208
a209
a21
a210
a211
a230
a231
a232
a24
a25
a26
a28
a280
a281
a282
a29
a30
a300
a301
a302
a303
a304
a305
a311
a312
a314
a32
a325
a33
a34
a35
a36
a37
a38
a39
a397
a398
a40
a41
a42
a43
a44
a45
a46
a466
a48
a49
a50
a51
a52
a53
a54
a55
a56
a563
a564
a57
a58
a59
a594
a595
a596
a597
a60
a600
a601
a602
a603
a604
a605
a606
a607
a608
a609
a61
a62
a63
a64
a65
a650
a651
a652
a653
a654
a655
a656
a657
a658
a659
a66
a660
a661
a662
a663
a664
a665
a666
a667
a668
a669
a67
a670
a671
a672
a673
a674
a675
a676
a677
a678
a679
a68
a680
a681
a682
a683
a684
a685
a686
a687
a688
a689
a69
a690
a691
a692
a693
a70
a700
a701
a702
a703
a705
a706
a707
a71
a72
a73
a74
a75
a76
a763
a764
a765
a77
a771
a772
a774
a775
a776
a779
a78
a780
a781
a782
a783
a79
a790
a791
a792
a793
a794
a795
a796
a797
a798
a799
a80
a81
a810
a811
a82
a820
a83
a830
a84
a85
a850
a851
a852
a854
a855
a86
a87
a870
a88
a89
a90
a901
a902
a903
a91
a910
a911
a913
a914
a915
a916
a92
a93
a94
a95
a96
a97
a98
a99

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fa75f7afb42b40de04bff3ee798506a

Code Sign

23:b7:6d:e3:c1:bb:2b:1a:51:96:1e:08:ea:b7:64:e8Certificate

Extended Key Usages

Key Usages

56:67:1d:04:ea:4f:99:4c:6f:10:81:47:59:d2:75:94Certificate

Key Usages

3c:ba:f9:47:e5:bb:3c:96:0a:95:d2:3d:7c:43:8a:c0Certificate

Extended Key Usages

Key Usages

75:9d:3e:d7:cf:b8:8f:73:42:e0:a0:2a:56:a7:2b:88:c6:40:61:a4:48:88:8b:4b:88:fb:78:68:de:21:68:09Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shlwapi

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 49KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 4KB - Virtual size: 3KB

23:b7:6d:e3:c1:bb:2b:1a:51:96:1e:08:ea:b7:64:e8
Certificate

56:67:1d:04:ea:4f:99:4c:6f:10:81:47:59:d2:75:94
Certificate

3c:ba:f9:47:e5:bb:3c:96:0a:95:d2:3d:7c:43:8a:c0
Certificate

75:9d:3e:d7:cf:b8:8f:73:42:e0:a0:2a:56:a7:2b:88:c6:40:61:a4:48:88:8b:4b:88:fb:78:68:de:21:68:09
Signer

.text
Size: 49KB - Virtual size: 49KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 4KB - Virtual size: 3KB