06de55c057b8778e494903b3da7588e4c9d1cec766f969000d7986ed31f213cb

Sharing

Copy URL Twitter E-mail

General

Target

06de55c057b8778e494903b3da7588e4c9d1cec766f969000d7986ed31f213cb
Size

5.2MB
MD5

3e478dcc2a01b6115012627f06045690
SHA1

c55cebd0cae4f5cf4136e9f83c0c33164a45412f
SHA256

06de55c057b8778e494903b3da7588e4c9d1cec766f969000d7986ed31f213cb
SHA512

57f30a826eba4ff69540d83f18cbe35f5756065fa62264881a7c832a750f8761e47e9bc16c6becec133e2555951dad8e4b7ab9c8048a77feb942f4703f50b305
SSDEEP

98304:y6fw/xdWJY6iIF7yKZm4deNzzt2ydOt7FECnxInG99CW:Tw/xzwGGdIDYpFwnCL

Score

1^/10

Malware Config

Signatures

Files

06de55c057b8778e494903b3da7588e4c9d1cec766f969000d7986ed31f213cb
.exe windows:6 windows x86

9ed5ffd9aebf2f772057cbc7c4430e2b

Code Sign

63:24:4d:30:d2:a1:4a:b4:4a:ad:bd:9a:36:e4:da:5a
Certificate

Issuer

CN=HDD Toshiba SATA-III 10Tb HDWG460EZSTA N300 (7200rpm) 4096Mb 2.5 Rtl

Not Before

10/12/2022, 12:00

Not After

11/12/2032, 12:00

Subject

CN=HDD Toshiba SATA-III 10Tb HDWG460EZSTA N300 (7200rpm) 4096Mb 2.5 Rtl

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:86:23:2c:a6:2f:e0:ba:4d:dc:bb:8c:4a:30:d0:85:ae:c6:39:c0:7d:fe:04:8e:61:aa:bb:3e:26:e7:a5:98
Signer

Actual PE Digest

47:86:23:2c:a6:2f:e0:ba:4d:dc:bb:8c:4a:30:d0:85:ae:c6:39:c0:7d:fe:04:8e:61:aa:bb:3e:26:e7:a5:98

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey

shell32

SHGetFolderPathA

wininet

HttpOpenRequestA

ws2_32

closesocket

Sections

.text
Size: - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zip#**.
Size: - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zip#**.
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zip#**.
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 132KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ed5ffd9aebf2f772057cbc7c4430e2b

Code Sign

63:24:4d:30:d2:a1:4a:b4:4a:ad:bd:9a:36:e4:da:5aCertificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

47:86:23:2c:a6:2f:e0:ba:4d:dc:bb:8c:4a:30:d0:85:ae:c6:39:c0:7d:fe:04:8e:61:aa:bb:3e:26:e7:a5:98Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

wininet

ws2_32

Sections

.text Size: - Virtual size: 292KB

.rdata Size: - Virtual size: 78KB

.data Size: - Virtual size: 18KB

.zip#**. Size: - Virtual size: 2.7MB

.zip#**. Size: 1KB - Virtual size: 1KB

.zip#**. Size: 5.0MB - Virtual size: 5.0MB

.reloc Size: 7KB - Virtual size: 6KB

.rsrc Size: 132KB - Virtual size: 354KB

63:24:4d:30:d2:a1:4a:b4:4a:ad:bd:9a:36:e4:da:5a
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

47:86:23:2c:a6:2f:e0:ba:4d:dc:bb:8c:4a:30:d0:85:ae:c6:39:c0:7d:fe:04:8e:61:aa:bb:3e:26:e7:a5:98
Signer

.text
Size: - Virtual size: 292KB

.rdata
Size: - Virtual size: 78KB

.data
Size: - Virtual size: 18KB

.zip#**.
Size: - Virtual size: 2.7MB

.zip#**.
Size: 1KB - Virtual size: 1KB

.zip#**.
Size: 5.0MB - Virtual size: 5.0MB

.reloc
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 132KB - Virtual size: 354KB