b4bcb4be0d1e839942b9ebc99b74130414aad5a6cfea54ba20b78627257c169e

Sharing

Copy URL

Twitter E-mail

General

Target

b4bcb4be0d1e839942b9ebc99b74130414aad5a6cfea54ba20b78627257c169e
Size

4.2MB
MD5

cfb2a07f74e7066981fd803175c32d3e
SHA1

d8758110235c0932447c2301f098d2b3928db127
SHA256

b4bcb4be0d1e839942b9ebc99b74130414aad5a6cfea54ba20b78627257c169e
SHA512

6fdb9cdb6d75024c1503de0672d585619ddec8acb41f1a331ab022a88b8722a41d6c9cbdd898923b5075859bbdb14b802620497180a7812a239dd4d7eb36e96a
SSDEEP

98304:T3UN1y4PtTqeKJ1o9JsE9ljpsu4uoB66tSj1xv44:oN0gi+9JP9ljifEb1a4

Score

1^/10

Malware Config

Signatures

Files

b4bcb4be0d1e839942b9ebc99b74130414aad5a6cfea54ba20b78627257c169e
.exe windows:5 windows x86

4fb0bcf26b1d5a4b99e9053f9366e05e

Code Sign

3d:a0:a0:02:d7:52:22:66:75:93:bf:41:9e:ab:81:a5
Certificate

Issuer

CN=522b0300053323224d0036132e0352222e2216260b17250f343c151c22001a3b0d00,POSTALCODE=10700,ST=0b1c1115005f5c4e130a09061b01101e15030d1400004d071702+ST=0b1c1115494a5c0a405601000f17134502120d431112025a0d5102560055050452040c11020709125303081f0a5b1f1d400c1808040a15195a101d060a1a055b0c0b0a070b

Not Before

17-10-2023 16:04

Not After

16-10-2024 16:04

Subject

CN=522b0300053323224d0036132e0352222e2216260b17250f343c151c22001a3b0d00,POSTALCODE=10700,ST=0b1c1115005f5c4e130a09061b01101e15030d1400004d071702+ST=0b1c1115494a5c0a405601000f17134502120d431112025a0d5102560055050452040c11020709125303081f0a5b1f1d400c1808040a15195a101d060a1a055b0c0b0a070b

6e:ae:fc:78:a9:15:0c:e5:c3:fd:ac:fc:92:bd:77:53:31:e1:9f:9e:d1:2d:36:c4:52:1b:dc:33:cc:fd:31:47
Signer

Actual PE Digest

6e:ae:fc:78:a9:15:0c:e5:c3:fd:ac:fc:92:bd:77:53:31:e1:9f:9e:d1:2d:36:c4:52:1b:dc:33:cc:fd:31:47

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekNamedPipe
GetConsoleAliasExesA
SetComputerNameExA
GetCommState
GetModuleHandleExW
WriteConsoleInputA
CreateHardLinkA
GetTickCount
GetConsoleAliasesLengthA
GetWindowsDirectoryA
GetPriorityClass
GetVolumePathNameW
WideCharToMultiByte
LoadLibraryW
SizeofResource
SetVolumeMountPointA
GetSystemWindowsDirectoryA
GetConsoleAliasExesLengthW
GetNamedPipeInfo
InterlockedExchange
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
PeekConsoleInputW
WriteConsoleOutputCharacterW
BackupWrite
RemoveDirectoryA
EnumSystemCodePagesW
LoadLibraryA
LocalAlloc
SetCalendarInfoW
SetConsoleCtrlHandler
GetNumberFormatW
BeginUpdateResourceA
AddAtomA
FoldStringW
GetOEMCP
FindFirstChangeNotificationA
FreeEnvironmentStringsW
GlobalAddAtomW
AddConsoleAliasA
SetFileAttributesW
CloseHandle
CreateFileA
FindFirstFileW
SetDefaultCommConfigA
BeginUpdateResourceW
FillConsoleOutputCharacterA
SetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
HeapAlloc
GetModuleHandleW
Sleep
ExitProcess
GetCommandLineA
GetStartupInfoA
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapSize
SetHandleCount
GetFileType
SetFilePointer
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetModuleHandleA
RtlUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

user32

ChangeDisplaySettingsW
LoadMenuA
CharToOemBuffW
GetWindowTextLengthW

gdi32

GetCharABCWidthsFloatA
GetBitmapDimensionEx

advapi32

RegOpenKeyA

shell32

ExtractAssociatedIconW

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fb0bcf26b1d5a4b99e9053f9366e05e

Code Sign

3d:a0:a0:02:d7:52:22:66:75:93:bf:41:9e:ab:81:a5Certificate

6e:ae:fc:78:a9:15:0c:e5:c3:fd:ac:fc:92:bd:77:53:31:e1:9f:9e:d1:2d:36:c4:52:1b:dc:33:cc:fd:31:47Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 4.0MB - Virtual size: 4.0MB

.data Size: 7KB - Virtual size: 5.3MB

.rsrc Size: 95KB - Virtual size: 95KB

.reloc Size: 29KB - Virtual size: 29KB

3d:a0:a0:02:d7:52:22:66:75:93:bf:41:9e:ab:81:a5
Certificate

6e:ae:fc:78:a9:15:0c:e5:c3:fd:ac:fc:92:bd:77:53:31:e1:9f:9e:d1:2d:36:c4:52:1b:dc:33:cc:fd:31:47
Signer

.text
Size: 4.0MB - Virtual size: 4.0MB

.data
Size: 7KB - Virtual size: 5.3MB

.rsrc
Size: 95KB - Virtual size: 95KB

.reloc
Size: 29KB - Virtual size: 29KB