78fab4bae86bece1734504414dfc3b35838f7f831d48e7fa1b4c51531666d7b1

Sharing

Copy URL Twitter E-mail

General

Target

78fab4bae86bece1734504414dfc3b35838f7f831d48e7fa1b4c51531666d7b1
Size

83KB
MD5

85432c099d2a9c2397b61e96486fa181
SHA1

4fd8c06933f082ba7eeb20fb49e31390809c82cb
SHA256

78fab4bae86bece1734504414dfc3b35838f7f831d48e7fa1b4c51531666d7b1
SHA512

593eb3be7ac1cee6144ccd2fb152c9a96d22df399716e2d170a089d754fa706606e7275ef94138582cce6c0cbd13d2e92de46a61c5a2e045c439022ab9ba4278
SSDEEP

1536:2eqMdN8dkMCsyD9+kT0iw7qUEYzd+CgEqTIm4gKN2PjCgYVvOm7:Luah8KUEYzITKN8Ysm7

Score

1^/10

Malware Config

Signatures

Files

78fab4bae86bece1734504414dfc3b35838f7f831d48e7fa1b4c51531666d7b1
.exe windows:4 windows x64 arch:x64

ed574644da9c7946c3c9067061bc1a5e

Code Sign

33:00:00:01:df:6b:f0:2e:92:a7:4a:b4:d0:00:00:00:00:01:df
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/12/2020, 21:31

Not After

02/12/2021, 21:31

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

41:71:a9:5f:52:27:17:72:5a:68:f1:14:81:49:cd:89:5a:85:a7:30:28:42:13:2e:d3:5b:3c:b2:3a:6f:2d:d5
Signer

Actual PE Digest

41:71:a9:5f:52:27:17:72:5a:68:f1:14:81:49:cd:89:5a:85:a7:30:28:42:13:2e:d3:5b:3c:b2:3a:6f:2d:d5

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateThread
DeleteCriticalSection
EnterCriticalSection
GetConsoleWindow
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_errno
_fmode
_initterm
_lock
_onexit
_unlock
abort
calloc
exit
fopen
fprintf
fputc
fread
free
fseek
ftell
fwrite
localeconv
malloc
memcpy
memmove
signal
strerror
strlen
strncmp
vfprintf
wcslen

user32

ShowWindow

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed574644da9c7946c3c9067061bc1a5e

Code Sign

33:00:00:01:df:6b:f0:2e:92:a7:4a:b4:d0:00:00:00:00:01:dfCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

41:71:a9:5f:52:27:17:72:5a:68:f1:14:81:49:cd:89:5a:85:a7:30:28:42:13:2e:d3:5b:3c:b2:3a:6f:2d:d5Signer

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 27KB - Virtual size: 27KB

.data Size: 512B - Virtual size: 272B

.rdata Size: 2KB - Virtual size: 2KB

.pdata Size: 1KB - Virtual size: 1KB

.xdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

/4 Size: 512B - Virtual size: 144B

/19 Size: 29KB - Virtual size: 29KB

/31 Size: 1KB - Virtual size: 1KB

/45 Size: 2KB - Virtual size: 1KB

/57 Size: 512B - Virtual size: 256B

/70 Size: 512B - Virtual size: 269B

/81 Size: 512B - Virtual size: 48B

.rsrc Size: 1024B - Virtual size: 796B

33:00:00:01:df:6b:f0:2e:92:a7:4a:b4:d0:00:00:00:00:01:df
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

41:71:a9:5f:52:27:17:72:5a:68:f1:14:81:49:cd:89:5a:85:a7:30:28:42:13:2e:d3:5b:3c:b2:3a:6f:2d:d5
Signer

.text
Size: 27KB - Virtual size: 27KB

.data
Size: 512B - Virtual size: 272B

.rdata
Size: 2KB - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.xdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

/4
Size: 512B - Virtual size: 144B

/19
Size: 29KB - Virtual size: 29KB

/31
Size: 1KB - Virtual size: 1KB

/45
Size: 2KB - Virtual size: 1KB

/57
Size: 512B - Virtual size: 256B

/70
Size: 512B - Virtual size: 269B

/81
Size: 512B - Virtual size: 48B

.rsrc
Size: 1024B - Virtual size: 796B