4332bb07339c3096997fbb89b695afeb3b1e21632c8ecb4e144ec883d61ab066_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

4332bb07339c3096997fbb89b695afeb3b1e21632c8ecb4e144ec883d61ab066_JC.exe
Size

330KB
MD5

5be0349cfd478100b67fa4a867cfc516
SHA1

ad95587989a7bdeb80380a9e8b179f7e11db53a8
SHA256

4332bb07339c3096997fbb89b695afeb3b1e21632c8ecb4e144ec883d61ab066
SHA512

4a942340eaa75f5a98caf8073c2acc1c8c9310113d4d9e5b76cd4d91d87baa913c250caab657bc374f20233fc79d75dc6e29c74b4e301634934593dc86eb8534
SSDEEP

1536:OphmidUnwrFnOATLZ+ZlDD44444444444444444444444444444444444444444t:sJUGpU1T83KvqAwsiYQmwf

Score

1^/10

Malware Config

Signatures

Files

4332bb07339c3096997fbb89b695afeb3b1e21632c8ecb4e144ec883d61ab066_JC.exe
.exe windows x86

5b16cc14a39a823edb97dacf08b8d418

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:d4:35:21:85:31:72:71:c1:ce:c9:d0:5c:27:9a:f7
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

05-08-2020 00:00

Not After

12-07-2021 12:00

Subject

SERIALNUMBER=1177847253540,CN=Retalit LLC,O=Retalit LLC,L=Saint Petersburg,C=RU,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025255

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d8:4f:d3:69:66:d1:f8:56:0d:4d:7f:5b:77:d4:99:aa:11:91:ec:d1
Signer

Actual PE Digest

d8:4f:d3:69:66:d1:f8:56:0d:4d:7f:5b:77:d4:99:aa:11:91:ec:d1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextA

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeConsole
GetLastError
GetModuleHandleA
GetProcAddress
GlobalAlloc
GlobalFree
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
TlsGetValue
VirtualAlloc
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
atoi
calloc
free
fwrite
memcpy
signal
vfprintf

shell32

SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation

user32

CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyMenu
DestroyWindow
DispatchMessageA
GetClientRect
GetDlgItem
GetKeyState
GetMenuItemID
GetMessageA
GetParent
GetSubMenu
GetSysColorBrush
GetWindowLongA
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadMenuA
MoveWindow
PostQuitMessage
RegisterClassA
ReleaseCapture
ScreenToClient
SendMessageA
SetCapture
SetClassLongA
SetCursor
SetFocus
SetWindowLongA
ShowWindow
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UpdateWindow

comctl32

InitCommonControls

gdi32

DeleteObject

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 152B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 301KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5b16cc14a39a823edb97dacf08b8d418

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

08:d4:35:21:85:31:72:71:c1:ce:c9:d0:5c:27:9a:f7Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

d8:4f:d3:69:66:d1:f8:56:0d:4d:7f:5b:77:d4:99:aa:11:91:ec:d1Signer

Headers

File Characteristics

Imports

advapi32

kernel32

msvcrt

shell32

user32

comctl32

gdi32

ole32

Sections

.text Size: 12KB - Virtual size: 11KB

.data Size: 2KB - Virtual size: 2KB

.rdata Size: 2KB - Virtual size: 1KB

.eh_fram Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 152B

.idata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 301KB - Virtual size: 301KB

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

08:d4:35:21:85:31:72:71:c1:ce:c9:d0:5c:27:9a:f7
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

d8:4f:d3:69:66:d1:f8:56:0d:4d:7f:5b:77:d4:99:aa:11:91:ec:d1
Signer

.text
Size: 12KB - Virtual size: 11KB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 2KB - Virtual size: 1KB

.eh_fram
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 152B

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 301KB - Virtual size: 301KB