1b1edb197bddcf5803a90260a5a23cdd

Sharing

Copy URL Twitter E-mail

General

Target

1b1edb197bddcf5803a90260a5a23cdd
Size

4.8MB
MD5

1b1edb197bddcf5803a90260a5a23cdd
SHA1

fa371821da93993b93f8b74c6a57881770a9ec4f
SHA256

eb13ff483eafa528c0db629ec445c7b64ffbcbe1da35bcbbc6145685c68b731f
SHA512

e8d504f3d9a4d41901c071e43798a72efe8aa9465d4952235069b73c5a1fe789e92ddb0bb09a97fe20c70c7b8c48b5fee38a8bb9ce48f1f3c7cc7b2e01a885ab
SSDEEP

3072:YhbMSibVgKRB5TmINGszuKG8VCZ0Qpj5HPh4fj4GCJ0HYmGltsQdOOITHTzQcI64:YhIoP

Score

1^/10

Malware Config

Signatures

Files

1b1edb197bddcf5803a90260a5a23cdd
.exe windows:4 windows x64 arch:x64

Code Sign

6b:00:00:03:f4:e3:a6:7a:23:48:55:0c:33:00:00:00:00:03:f4
Certificate

Issuer

CN=Microsoft RSA TLS CA 01,O=Microsoft Corporation,C=US

Not Before

28/08/2020, 22:17

Not After

28/08/2021, 22:17

Subject

CN=www.microsoft.com,OU=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e3:57:a4:54:3e:82:72:b2:b4:fe:51:77:85:77:a8:41:4f:e4:fa:7b:a3:9e:63:8a:41:b9:d2:29:26:7d:2c:7f
Signer

Actual PE Digest

e3:57:a4:54:3e:82:72:b2:b4:fe:51:77:85:77:a8:41:4f:e4:fa:7b:a3:9e:63:8a:41:b9:d2:29:26:7d:2c:7f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

6b:00:00:03:f4:e3:a6:7a:23:48:55:0c:33:00:00:00:00:03:f4Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

e3:57:a4:54:3e:82:72:b2:b4:fe:51:77:85:77:a8:41:4f:e4:fa:7b:a3:9e:63:8a:41:b9:d2:29:26:7d:2c:7fSigner

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 4.8MB - Virtual size: 4.8MB

.rsrc Size: 1KB - Virtual size: 1KB

6b:00:00:03:f4:e3:a6:7a:23:48:55:0c:33:00:00:00:00:03:f4
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

e3:57:a4:54:3e:82:72:b2:b4:fe:51:77:85:77:a8:41:4f:e4:fa:7b:a3:9e:63:8a:41:b9:d2:29:26:7d:2c:7f
Signer

.text
Size: 4.8MB - Virtual size: 4.8MB

.rsrc
Size: 1KB - Virtual size: 1KB