DOC2839999[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

DOC2839999.exe
Size

638KB
MD5

e5f604759e71b4fedd9bc6f502484010
SHA1

63a0c6f6e171741c0ac1d97b34d0c8b78d52e3db
SHA256

46c3670d604938c14e181b4dd604ad2a46a49e09f49bb2ba32cd6ff56df69bb5
SHA512

154777b4b68bf4507dd480e1c2722c211a1e3efb4142f1b8fe47fca409ade174786c7bb0182ea26122af9499bdaddb88935bc0b78955a700c84c3caa0080fbe1
SSDEEP

12288:Vk3E/0SN6Rgzo6fM1ElKQ/FUT/0MZkaR3RTq/ICamrmiuP8wO8Df1kJSpl:Vj8NFcUT1ka9ZArpuPfNJl

Score

1^/10

Malware Config

Signatures

Files

DOC2839999.exe
.zip

Password: Sentinel1!
Device/HarddiskVolume3/WINDOWS/System32/DOC2839999.exe
.exe windows:4 windows x86

Password: Sentinel1!

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

f6:9b:d7:84:14:ae:8b:ab:8b:58:65:9f:15:f8:43:6e
Certificate

Issuer

CN=Ebay,OU=adasdsadsas,O=Amazon,L=dasdadasd,2.5.4.12=#1309646173646173646173,1.2.840.113549.1.9.1=#130e7364617364617364616461736461

Not Before

20-06-2022 12:24

Not After

20-06-2023 12:24

Subject

CN=Ebay,OU=adasdsadsas,O=Amazon,L=dasdadasd,2.5.4.12=#1309646173646173646173,1.2.840.113549.1.9.1=#130e7364617364617364616461736461

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-06-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:77:cf:63:f8:f4:7f:c0:d0:ea:58:bb:11:a1:b1:32:a3:1f:11:ff
Signer

Actual PE Digest

09:77:cf:63:f8:f4:7f:c0:d0:ea:58:bb:11:a1:b1:32:a3:1f:11:ff

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 958KB - Virtual size: 958KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
manifest.json

Sharing

General

Malware Config

Signatures

Files

Password: Sentinel1!

Password: Sentinel1!

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

f6:9b:d7:84:14:ae:8b:ab:8b:58:65:9f:15:f8:43:6eCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

09:77:cf:63:f8:f4:7f:c0:d0:ea:58:bb:11:a1:b1:32:a3:1f:11:ffSigner

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 958KB - Virtual size: 958KB

.rsrc Size: 142KB - Virtual size: 142KB

.reloc Size: 512B - Virtual size: 12B

f6:9b:d7:84:14:ae:8b:ab:8b:58:65:9f:15:f8:43:6e
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

09:77:cf:63:f8:f4:7f:c0:d0:ea:58:bb:11:a1:b1:32:a3:1f:11:ff
Signer

.text
Size: 958KB - Virtual size: 958KB

.rsrc
Size: 142KB - Virtual size: 142KB

.reloc
Size: 512B - Virtual size: 12B