EED_2[.]21[.]1 (1)[.]exe

Resubmissions

23/01/2024, 19:51

240123-yks25sgdan 7

23/01/2024, 19:19

240123-x1n8fsgab8 7

23/01/2024, 18:21

240123-wzsc2sehg5 1

Sharing

Copy URL Twitter E-mail

General

Target

EED_2.21.1 (1).exe
Size

191.8MB
MD5

45e3c65c6638856ab9beadd728106ea4
SHA1

b3f0ead8851a7478ac75feaf4fd9477d44a4e4d2
SHA256

c352abe08b1088648a4023cf762be1e897361f901c513fea6ee642a2b72563cb
SHA512

e615f50d30dc64460a867fb7d53aef64bf33b34b1286551dc6122ae0d2f3cd19327521f21ea20d7ad49459e9386df40f42c3bd3a42c70b5ba7750fd6c7e96017
SSDEEP

3145728:86Hef79CQVwdP3u1IJRn+87sDzpf/S9OdtRAlO3r/qTTlS1hWA5m4GTG:l+fAQWdP+6n++sDz1a6tL3LqFCh55mJ

Score

1^/10

Malware Config

Signatures

Files

EED_2.21.1 (1).exe
.exe windows:4 windows x86 arch:x86

23c22ba8cc2a21a5dc13e55d6ed68008

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:73:be:a2:11:5f:02:7e:4a:66:c0:39:22:8d:de:a0
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

09/09/2022, 00:00

Not After

30/09/2023, 23:59

Subject

CN=SEIKO EPSON CORPORATION,OU=IT PLANNING & DESIGN DEPARTMENT,O=SEIKO EPSON CORPORATION,L=Suwa-Shi,ST=Nagano,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ed:99:fb:20:cb:99:06:03:5e:0b:09:bf:17:c7:22:9b:4b:b5:a2:bb
Signer

Actual PE Digest

ed:99:fb:20:cb:99:06:03:5e:0b:09:bf:17:c7:22:9b:4b:b5:a2:bb

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetWindowsDirectoryA
GlobalFree
GlobalUnlock
GlobalHandle
_lclose
_llseek
_lread
_lopen
GlobalLock
GlobalAlloc
GlobalMemoryStatus
GetVersion
GetModuleFileNameA
WriteFile
GetSystemTime
LocalFree
ExitProcess
FormatMessageA
GetLastError
GetModuleHandleA
GetVolumeInformationA
WideCharToMultiByte
CreateProcessA
CloseHandle
FindNextFileA
DeleteFileA
GetTickCount
GetLongPathNameA
GetTempPathA
GetCommandLineA
lstrcmpiA
WaitForSingleObject
CopyFileA
GetFileAttributesA
LoadLibraryExA
GetSystemDirectoryA
SetErrorMode
MultiByteToWideChar
GetLocalTime
lstrlenA
CreateFileW
ReadFile
SetFilePointer
GetEnvironmentVariableA
GetDriveTypeA
LocalAlloc
DosDateTimeToFileTime
GetVersionExA
LocalFileTimeToFileTime
SetFileTime
CreateDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
FindFirstFileA
FindClose
RemoveDirectoryA
GetProcAddress
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
HeapReAlloc
GetProcessHeap
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
Sleep
HeapSize
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
InitializeCriticalSection
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers

gdi32

SetBkColor
SetTextColor
SetTextAlign
GetBkColor
GetTextExtentPoint32A
CreateDCA
GetDeviceCaps
CreateFontIndirectA
DeleteDC
SelectObject
DeleteObject
ExtTextOutA

advapi32

RegQueryValueA

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_winzip_
Size: 191.7MB - Virtual size: 191.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

23c22ba8cc2a21a5dc13e55d6ed68008

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:73:be:a2:11:5f:02:7e:4a:66:c0:39:22:8d:de:a0Certificate

Extended Key Usages

Key Usages

ed:99:fb:20:cb:99:06:03:5e:0b:09:bf:17:c7:22:9b:4b:b5:a2:bbSigner

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 58KB

.rsrc Size: 40KB - Virtual size: 37KB

_winzip_ Size: 191.7MB - Virtual size: 191.7MB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:73:be:a2:11:5f:02:7e:4a:66:c0:39:22:8d:de:a0
Certificate

ed:99:fb:20:cb:99:06:03:5e:0b:09:bf:17:c7:22:9b:4b:b5:a2:bb
Signer

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 58KB

.rsrc
Size: 40KB - Virtual size: 37KB

_winzip_
Size: 191.7MB - Virtual size: 191.7MB