46ac560bd41d788af8d2be6f23d2595d7eff45263904f86deced79bd2e1e883c

Sharing

Copy URL

Twitter E-mail

General

Target

46ac560bd41d788af8d2be6f23d2595d7eff45263904f86deced79bd2e1e883c
Size

3.1MB
MD5

cacb4dfc54ad9dd54fd382887551f1e3
SHA1

81d45cae7384d561baf2ec7e511bb2a740f881f8
SHA256

46ac560bd41d788af8d2be6f23d2595d7eff45263904f86deced79bd2e1e883c
SHA512

5a6096948b75dce8c895464da2b48009aa94a589ccbbf4308ed6643d7a612c47903b0d0bf940d806819d7ced23f4dc05f49a7ba70177f2d8c1de450ecf0a7477
SSDEEP

98304:L+a4kPqzbcj3eR0PmO40PvQ4q7IVH8eRjoM:WFbc9l40Q4tVH8WoM

Score

1^/10

Malware Config

Signatures

Files

46ac560bd41d788af8d2be6f23d2595d7eff45263904f86deced79bd2e1e883c
.exe windows:6 windows x86 arch:x86

e7a425b4a444d820f97f147fd0d11b17

Code Sign

67:6e:20:ee:07:fc:c9:49:aa:7e:95:78:32:b7:bd:ab
Certificate

Issuer

CN=ActiveReports RDF document API,OU=Active,O=GrapeCity Inc. All rights reserved,ST=CH,C=CH

Not Before

10-12-2023 16:06

Not After

10-09-2025 00:00

Subject

CN=ActiveReports RDF document API,OU=Active,O=GrapeCity Inc. All rights reserved,ST=CH,C=CH

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-05-2023 00:00

Not After

02-08-2034 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d1:35:7d:f1:22:f2:a8:40:07:f0:ee:77:b9:23:e3:3d:bf:1f:63:d5:ec:42:0d:6c:4e:fb:90:5b:5e:cc:87:37
Signer

Actual PE Digest

d1:35:7d:f1:22:f2:a8:40:07:f0:ee:77:b9:23:e3:3d:bf:1f:63:d5:ec:42:0d:6c:4e:fb:90:5b:5e:cc:87:37

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

gdi32

BitBlt

user32

GetDC

Sections

.text
Size: - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp%¥�
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp%¥�
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp%¥�
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7a425b4a444d820f97f147fd0d11b17

Code Sign

67:6e:20:ee:07:fc:c9:49:aa:7e:95:78:32:b7:bd:abCertificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

d1:35:7d:f1:22:f2:a8:40:07:f0:ee:77:b9:23:e3:3d:bf:1f:63:d5:ec:42:0d:6c:4e:fb:90:5b:5e:cc:87:37Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

Sections

.text Size: - Virtual size: 268KB

.rdata Size: - Virtual size: 12KB

.data Size: - Virtual size: 70KB

.vmp%¥� Size: - Virtual size: 1.6MB

.vmp%¥� Size: 1024B - Virtual size: 904B

.vmp%¥� Size: 3.0MB - Virtual size: 3.0MB

.reloc Size: 7KB - Virtual size: 6KB

.rsrc Size: 106KB - Virtual size: 106KB

67:6e:20:ee:07:fc:c9:49:aa:7e:95:78:32:b7:bd:ab
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

d1:35:7d:f1:22:f2:a8:40:07:f0:ee:77:b9:23:e3:3d:bf:1f:63:d5:ec:42:0d:6c:4e:fb:90:5b:5e:cc:87:37
Signer

.text
Size: - Virtual size: 268KB

.rdata
Size: - Virtual size: 12KB

.data
Size: - Virtual size: 70KB

.vmp%¥�
Size: - Virtual size: 1.6MB

.vmp%¥�
Size: 1024B - Virtual size: 904B

.vmp%¥�
Size: 3.0MB - Virtual size: 3.0MB

.reloc
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 106KB - Virtual size: 106KB