AMS_8[.]5[.]3[.]0_Unpacker[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

AMS_8.5.3.0_Unpacker.exe
Size

379KB
MD5

0fba0d6e8acbf0e4446405b3d2704cf6
SHA1

cf2cf3d86f9866e63d0b07f57aac6443af0ff4d2
SHA256

07effc5077bde6c1d8e2481b7caf2085562fdbec21f5112a9c172354c6f64787
SHA512

2d903a042daeda87ff498e50503d5f8b995c203113c60140d9dd2f5496ff50741ceb0e8d08f862bff653cac9c8d875a4dba18395e719073e6ffbbc14a262b81b
SSDEEP

6144:4U4i2j7H92GeQA4W//5u85cb/VNsRB0g3avKEuANHNUAJVHtES4A5049awJ5cOk9:4pj7NAt//5t5uXu35vOtUATHtD4Ai4Hw

Score

1^/10

Malware Config

Signatures

Files

AMS_8.5.3.0_Unpacker.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

7f:24:5f:80:47:fe:cd:65
Certificate

Issuer

CN=Adler SignKey CA,O=Adler Soft Development,L=Luhansk

Not Before

02/12/2018, 00:00

Not After

02/12/2021, 00:00

Subject

CN=Adler SignKey CA,O=Adler Soft Development,L=Luhansk

03:70:4e:92:07:28:61:a3
Certificate

Issuer

CN=Adler SignKey CA,O=Adler Soft Development,L=Luhansk

Not Before

05/05/2019, 00:00

Not After

05/05/2022, 00:00

Subject

CN=Adler,O=Adler Development,L=Luhansk,C=LPR

Extended Key Usages

ExtKeyUsageCodeSigning

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7f:24:5f:80:47:fe:cd:65
Certificate

Issuer

CN=Adler SignKey CA,O=Adler Soft Development,L=Luhansk

Not Before

02/12/2018, 00:00

Not After

02/12/2021, 00:00

Subject

CN=Adler SignKey CA,O=Adler Soft Development,L=Luhansk

03:70:4e:92:07:28:61:a3
Certificate

Issuer

CN=Adler SignKey CA,O=Adler Soft Development,L=Luhansk

Not Before

05/05/2019, 00:00

Not After

05/05/2022, 00:00

Subject

CN=Adler,O=Adler Development,L=Luhansk,C=LPR

Extended Key Usages

ExtKeyUsageCodeSigning

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ae:15:e1:d9:23:e4:f1:6e:9e:8d:66:64:3c:2d:1a:2a:b6:db:e2:be:b8:19:84:26:59:8a:33:a7:0b:78:6f:c0
Signer

Actual PE Digest

ae:15:e1:d9:23:e4:f1:6e:9e:8d:66:64:3c:2d:1a:2a:b6:db:e2:be:b8:19:84:26:59:8a:33:a7:0b:78:6f:c0

Digest Algorithm

sha256

PE Digest Matches

true

7b:4e:e0:24:6d:dc:08:72:98:5c:46:e8:38:ce:63:56:58:34:b8:0e
Signer

Actual PE Digest

7b:4e:e0:24:6d:dc:08:72:98:5c:46:e8:38:ce:63:56:58:34:b8:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 328KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

7f:24:5f:80:47:fe:cd:65Certificate

03:70:4e:92:07:28:61:a3Certificate

Extended Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

7f:24:5f:80:47:fe:cd:65Certificate

03:70:4e:92:07:28:61:a3Certificate

Extended Key Usages

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

ae:15:e1:d9:23:e4:f1:6e:9e:8d:66:64:3c:2d:1a:2a:b6:db:e2:be:b8:19:84:26:59:8a:33:a7:0b:78:6f:c0Signer

7b:4e:e0:24:6d:dc:08:72:98:5c:46:e8:38:ce:63:56:58:34:b8:0eSigner

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 328KB - Virtual size: 327KB

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 512B - Virtual size: 12B

7f:24:5f:80:47:fe:cd:65
Certificate

03:70:4e:92:07:28:61:a3
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

7f:24:5f:80:47:fe:cd:65
Certificate

03:70:4e:92:07:28:61:a3
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

ae:15:e1:d9:23:e4:f1:6e:9e:8d:66:64:3c:2d:1a:2a:b6:db:e2:be:b8:19:84:26:59:8a:33:a7:0b:78:6f:c0
Signer

7b:4e:e0:24:6d:dc:08:72:98:5c:46:e8:38:ce:63:56:58:34:b8:0e
Signer

.text
Size: 328KB - Virtual size: 327KB

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 512B - Virtual size: 12B