Photo_12[.]01[.]2024[.]scr

Sharing

Copy URL Twitter E-mail

General

Target

Photo_12.01.2024.scr
Size

677.5MB
MD5

cf556209a637c6cca0c990eb0b4ecfc0
SHA1

7e6d133fc15f4f5624390e093611ed387ba23b6c
SHA256

508aa5e89a1e466682416f39ad2b751a3e074972fddcb0c75bb1883db0b146f4
SHA512

16ab341012fdcfa669b1ae6eb0f8ee893d698e4eb1ce9608e86e0c606b9eeeae8d474eeb52d8d249a03400b841e16c907d0799e2a6f0f5b0c2cc266d253ab463
SSDEEP

12288:p4uLvVGQexptR1HU7t+BU2U3STvGobLIy:KmgQezxGQBUwH3n

Score

1^/10

Malware Config

Signatures

Files

Photo_12.01.2024.scr
.exe windows:5 windows x86 arch:x86

Password: 123456

afe9d238e315d9482832f52d54aeafe0

Code Sign

15:b7:d2:56:4f:a1:c2:22:00:75:41:11:c9:44:46:df
Certificate

Issuer

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

18/12/2023, 20:19

Not After

17/12/2024, 20:19

Subject

SERIALNUMBER=50103549581,CN=GL Solutions SIA,O=GL Solutions SIA,L=Lielvārde,ST=Lielvārde Municipality,C=LV,1.3.6.1.4.1.311.60.2.1.3=#13024c56,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

Issuer

CN=SSL.com EV Root Certification Authority RSA R2,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

26/03/2019, 17:44

Not After

22/03/2034, 17:44

Subject

CN=SSL.com EV Code Signing Intermediate CA RSA R3,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

Issuer

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Not Before

09/12/2022, 18:30

Not After

06/12/2032, 18:30

Subject

CN=SSL.com Timestamping Unit 2022,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

Issuer

CN=SSL.com Root Certification Authority RSA,O=SSL Corporation,L=Houston,ST=Texas,C=US

Not Before

13/11/2019, 18:50

Not After

12/11/2034, 18:50

Subject

CN=SSL.com Timestamping Issuing RSA CA R1,O=SSL Corp,L=Houston,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:e1:6c:8d:b0:a6:20:a8:6d:83:8f:02:ef:ad:33:b3:d8:23:14:01:77:1d:77:d8:21:e0:74:d7:a7:dc:73:dd
Signer

Actual PE Digest

c6:e1:6c:8d:b0:a6:20:a8:6d:83:8f:02:ef:ad:33:b3:d8:23:14:01:77:1d:77:d8:21:e0:74:d7:a7:dc:73:dd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasExesLengthA
LocalCompact
GetTickCount
LocalFlags
GetConsoleAliasesA
LoadLibraryW
GetLocaleInfoW
HeapDestroy
GetAtomNameW
IsBadStringPtrA
SetConsoleTitleA
WritePrivateProfileStringW
RaiseException
InterlockedExchange
GetLastError
SetLastError
TlsGetValue
SetComputerNameA
LoadLibraryA
OpenWaitableTimerW
LocalAlloc
GetTapeParameters
GetModuleFileNameA
EraseTape
FreeEnvironmentStringsW
CompareStringA
SetCalendarInfoA
LocalFree
SetFileAttributesW
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
GetProcAddress
GetEnvironmentVariableW
EncodePointer
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
IsProcessorFeaturePresent
Sleep
HeapSize
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
FreeLibrary
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
MultiByteToWideChar
IsValidLocale

user32

GetKeyNameTextA
GetMonitorInfoA
SetActiveWindow

advapi32

OpenEventLogA

Sections

.text
Size: 418KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 123456

afe9d238e315d9482832f52d54aeafe0

Code Sign

15:b7:d2:56:4f:a1:c2:22:00:75:41:11:c9:44:46:dfCertificate

Extended Key Usages

Key Usages

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04Certificate

Extended Key Usages

Key Usages

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4bCertificate

Extended Key Usages

Key Usages

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56Certificate

Extended Key Usages

Key Usages

c6:e1:6c:8d:b0:a6:20:a8:6d:83:8f:02:ef:ad:33:b3:d8:23:14:01:77:1d:77:d8:21:e0:74:d7:a7:dc:73:ddSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 418KB - Virtual size: 417KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 7KB - Virtual size: 14KB

.tls Size: 2KB - Virtual size: 2KB

.rsrc Size: 43KB - Virtual size: 135KB

15:b7:d2:56:4f:a1:c2:22:00:75:41:11:c9:44:46:df
Certificate

42:4b:6a:53:ce:c7:66:14:1c:2a:63:b1:a5:1c:41:04
Certificate

1a:d6:08:a7:d6:34:b5:cd:de:97:cb:a3:cc:f0:d0:4b
Certificate

6d:52:18:70:87:e8:23:4d:85:60:00:d0:80:8f:93:56
Certificate

c6:e1:6c:8d:b0:a6:20:a8:6d:83:8f:02:ef:ad:33:b3:d8:23:14:01:77:1d:77:d8:21:e0:74:d7:a7:dc:73:dd
Signer

.text
Size: 418KB - Virtual size: 417KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 7KB - Virtual size: 14KB

.tls
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 43KB - Virtual size: 135KB