11a240b53cda875e3a37b88bd49adbad309fb5fa7d2dc86e6d7b51d51c0a512b

Sharing

Copy URL Twitter E-mail

General

Target

11a240b53cda875e3a37b88bd49adbad309fb5fa7d2dc86e6d7b51d51c0a512b
Size

5.9MB
MD5

7452f6b298984fd85c4249072a3d365c
SHA1

fd219ddb895efc07be29b78eeba87a1c1cf07ec2
SHA256

11a240b53cda875e3a37b88bd49adbad309fb5fa7d2dc86e6d7b51d51c0a512b
SHA512

d6f1ed10cac829b861724bc4cbfc741307ebbb12e0891e1788ade20274155606231cf922063c30ed8150707924176b28656e4439c4dc77e82d5e6682523b9059
SSDEEP

98304:7gjyti511nPfRYoF7+mFAbunygNC02ONICnYZ9qyW6OwFthGY6mBwCSVHxMv5SzO:7gjPRb7+jOy+9zYDFFfhfjpSVHxMDpPD

Score

1^/10

Malware Config

Signatures

Files

11a240b53cda875e3a37b88bd49adbad309fb5fa7d2dc86e6d7b51d51c0a512b
.exe windows:6 windows x86

ba2991e5c9e1444512517351adde0b01

Code Sign

7c:59:e8:80:56:bd:27:65:b4:6f:9e:c4:29:37:86:e5
Certificate

Issuer

CN=Root Agency

Not Before

16/08/2023, 07:35

Not After

31/12/2039, 23:59

Subject

CN=Tuo,O=DBOGXN,1.2.840.113549.1.9.1=#0c11313034313435323332314071712e636f6d

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipAlloc

winmm

timeGetTime

fmod

FMOD_System_Create

d3dx9_43

D3DXMatrixMultiplyTranspose

devil

ilInit

kernel32

GetStartupInfoW

user32

SendMessageW

gdi32

TextOutW

shell32

DragAcceptFiles

ole32

CoInitialize

oleaut32

VariantInit

bugtrap

BT_SetDialogMessage

discord-rpc

Discord_UpdatePresence

netapi32

NetApiBufferFree

dinput8

DirectInput8Create

imm32

ImmSetConversionStatus

ws2_32

htons

ddraw

DirectDrawCreateEx

d3d9

Direct3DCreate9

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

advapi32

RegDeleteKeyA

Sections

.text
Size: 4.8MB - Virtual size: 12.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 968KB - Virtual size: 968KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ba2991e5c9e1444512517351adde0b01

Code Sign

7c:59:e8:80:56:bd:27:65:b4:6f:9e:c4:29:37:86:e5Certificate

Signer

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

winmm

fmod

d3dx9_43

devil

kernel32

user32

gdi32

shell32

ole32

oleaut32

bugtrap

discord-rpc

netapi32

dinput8

imm32

ws2_32

ddraw

d3d9

msvcrt

iphlpapi

psapi

advapi32

Sections

.text Size: 4.8MB - Virtual size: 12.6MB

.sedata Size: 968KB - Virtual size: 968KB

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 155KB - Virtual size: 156KB

.sedata Size: 4KB - Virtual size: 4KB

7c:59:e8:80:56:bd:27:65:b4:6f:9e:c4:29:37:86:e5
Certificate

.text
Size: 4.8MB - Virtual size: 12.6MB

.sedata
Size: 968KB - Virtual size: 968KB

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 155KB - Virtual size: 156KB

.sedata
Size: 4KB - Virtual size: 4KB