malware_8CC02B721683F8B880C8D086ED055006DCF6155A6CD19435F74DD9296B74F5FC

Resubmissions

24-01-2024 21:38

240124-1hatwshef5 5

24-01-2024 21:31

240124-1cz7lahdf5 5

Sharing

Copy URL

Twitter E-mail

General

Target

malware_8CC02B721683F8B880C8D086ED055006DCF6155A6CD19435F74DD9296B74F5FC
Size

456KB
MD5

c6b57e042ceadb60d6fab217d3523e17
SHA1

d7c2599b2e7c68212b59c319440d27387a641650
SHA256

8cc02b721683f8b880c8d086ed055006dcf6155a6cd19435f74dd9296b74f5fc
SHA512

b73d655a49c07bf7cc6d75134a2bacf11bede80ab546ba86726def299303a7a66a516bfabd9f2d49fafee02d10bff09d0c55db25349397a80abd07680fcdaaa6
SSDEEP

6144:wEB03MbatmtkhU6f2eGpwxpUXZKIWGimc3KFHB5UNn/mRL6pXd0p9UcZY:T5atmEU6z2sgpWLsBuu1GgycO

Score

1^/10

Malware Config

Signatures

Files

malware_8CC02B721683F8B880C8D086ED055006DCF6155A6CD19435F74DD9296B74F5FC
.exe windows:5 windows x86 arch:x86

98d8603cee4c1716538d9bfe1c8dd334

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

1d:27:53:76:a1:db:6b:fe:c5:17:9e:52:7e:1d:3a:6b
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-12-2015 00:00

Not After

24-12-2016 23:59

Subject

CN=Extrusion Machinery Ltd,O=Extrusion Machinery Ltd,POSTALCODE=SE18 6LF,STREET=14-16 Powis Street,L=London,ST=London,C=GB,2.5.4.18=#13085345313820364c46

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:26:65:4d:7c:fe:cd:3a:b0:28:27:7a:b9:2d:20:08:58:5d:a2:8d
Signer

Actual PE Digest

28:26:65:4d:7c:fe:cd:3a:b0:28:27:7a:b9:2d:20:08:58:5d:a2:8d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VarCat

kernel32

ExitProcess
CreateProcessA
HeapCreate
DisableThreadLibraryCalls
AreFileApisANSI
HeapSetInformation
GetFileAttributesExA
IsProcessorFeaturePresent
HeapReAlloc
HeapAlloc
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapSize
RtlUnwind
Sleep
HeapFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapDestroy
GetCurrentThread
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
DecodePointer
GetModuleHandleW
GetProcAddress
SetUnhandledExceptionFilter
GetStartupInfoW
GetCommandLineA

gdi32

GdiGetBatchLimit

comctl32

ImageList_SetBkColor

comdlg32

GetFileTitleA

advapi32

GetSidSubAuthority

user32

SetWindowTextW
SetScrollPos
ChangeDisplaySettingsW
CharUpperBuffA
EqualRect
ReuseDDElParam
SetClassWord
ModifyMenuW
CharToOemBuffW
DrawCaption
DlgDirSelectComboBoxExW
LoadCursorW
LoadAcceleratorsW
SetPropW
GetSysColorBrush
CreateWindowStationA
ReplyMessage
DialogBoxParamW
CreateAcceleratorTableA
SetWindowLongA
DlgDirSelectExW
IsCharUpperA
LoadKeyboardLayoutA
DestroyMenu
GetClassNameA
SetScrollInfo
ShowWindow
GetDC
CreateIcon
DdeInitializeA
UnhookWinEvent
LoadMenuA
SetClipboardViewer
GetWindowModuleFileNameW
SetRectEmpty
PostMessageA
SetCursorPos
GetMenu
CloseWindow
SetMenu
InsertMenuItemW
EnumWindows
SwapMouseButton
SetMenuItemBitmaps
EnumDesktopWindows
DlgDirListW
DeferWindowPos
CharToOemBuffA
DeleteMenu
DlgDirListComboBoxW
SystemParametersInfoW
ShowCursor
CopyAcceleratorTableA
GetClientRect
SetMenuContextHelpId
OemToCharBuffA
GetLastActivePopup
GetWindowModuleFileNameA
LookupIconIdFromDirectory
LoadCursorA
SetWindowsHookExW
DdeCmpStringHandles
EnumPropsExA
GetUpdateRect
DrawIcon
IsCharUpperW
IsDialogMessageW
GetForegroundWindow
GetClipboardFormatNameW

Sections

.text
Size: 271KB - Virtual size: 271KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

98d8603cee4c1716538d9bfe1c8dd334

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

1d:27:53:76:a1:db:6b:fe:c5:17:9e:52:7e:1d:3a:6bCertificate

Extended Key Usages

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

28:26:65:4d:7c:fe:cd:3a:b0:28:27:7a:b9:2d:20:08:58:5d:a2:8dSigner

Headers

DLL Characteristics

File Characteristics

Imports

oleaut32

kernel32

gdi32

comctl32

comdlg32

advapi32

user32

Sections

.text Size: 271KB - Virtual size: 271KB

.rdata Size: 26KB - Virtual size: 26KB

.data Size: 71KB - Virtual size: 74KB

.rsrc Size: 58KB - Virtual size: 57KB

.reloc Size: 23KB - Virtual size: 23KB

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

1d:27:53:76:a1:db:6b:fe:c5:17:9e:52:7e:1d:3a:6b
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

28:26:65:4d:7c:fe:cd:3a:b0:28:27:7a:b9:2d:20:08:58:5d:a2:8d
Signer

.text
Size: 271KB - Virtual size: 271KB

.rdata
Size: 26KB - Virtual size: 26KB

.data
Size: 71KB - Virtual size: 74KB

.rsrc
Size: 58KB - Virtual size: 57KB

.reloc
Size: 23KB - Virtual size: 23KB