7e58dde124aa4ad5df544d56b2bdcc6d

Sharing

Copy URL Twitter E-mail

General

Target

7e58dde124aa4ad5df544d56b2bdcc6d
Size

5.5MB
MD5

7e58dde124aa4ad5df544d56b2bdcc6d
SHA1

14eb977db59c5e89b642c6e87565676bfc28c1a7
SHA256

66a6cb1ee6df0dd524f9f7a0d2ba1e3e54efd554ef622e137333d27ab85d0a49
SHA512

549df43a9c7bc4eadf3b72dbd38e2549cf7d5a68218d7bd691fdbb1f835b8723a4efe92ae9d687a6ec24f1d1594edb33000b681bc0b6fabd625d70c2765f7db0
SSDEEP

98304:vjC1W1QQPd8b0rb3YYRRtOcNglutlfj/6LN7iafrCoglUdInSYENS3:LC1EvPSYrzRRyuT2LNnjLaHEA3

Score

1^/10

Malware Config

Signatures

Files

7e58dde124aa4ad5df544d56b2bdcc6d
.dll windows:5 windows x86 arch:x86

540fde2772bd220df6277bd213c21b59

Code Sign

01
Certificate

Issuer

CN=Microsoft Corporation,O=Microsoft Code Signing PCA,C=WA

Not Before

04/08/2021, 02:58

Not After

04/08/2022, 02:58

Subject

CN=Microsoft Corporation,O=Microsoft Code Signing PCA,C=WA

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

01
Certificate

Issuer

CN=Microsoft Corporation,O=Microsoft Code Signing PCA,C=WA

Not Before

04/08/2021, 02:58

Not After

04/08/2022, 02:58

Subject

CN=Microsoft Corporation,O=Microsoft Code Signing PCA,C=WA

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

92:78:02:9d:03:39:b1:1c:0c:3d:01:0f:9c:a8:fb:66:5d:a1:74:93:ce:ca:36:66:35:39:36:c9:33:82:69:ce
Signer

Actual PE Digest

92:78:02:9d:03:39:b1:1c:0c:3d:01:0f:9c:a8:fb:66:5d:a1:74:93:ce:ca:36:66:35:39:36:c9:33:82:69:ce

Digest Algorithm

sha256

PE Digest Matches

true

e5:b4:d2:12:d8:6a:b3:35:02:4d:2a:a6:43:fe:ce:dd:5a:a1:f9:3d
Signer

Actual PE Digest

e5:b4:d2:12:d8:6a:b3:35:02:4d:2a:a6:43:fe:ce:dd:5a:a1:f9:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

MessageBoxW

advapi32

RegQueryInfoKeyW

msvcrt

memset

urlmon

HlinkNavigateString

comctl32

ImageList_GetIconSize

gdi32

SetBrushOrgEx

shfolder

SHGetFolderPathW

winmm

timeGetTime

magnification

MagSetWindowFilterList

netapi32

NetWkstaGetInfo

wsock32

getsockname

version

GetFileVersionInfoSizeW

oleaut32

VariantChangeType

ole32

IsEqualGUID

shell32

SHGetDesktopFolder

Exports

Exports

HASH_Begin
HASH_Create
HASH_Destroy
HASH_End
HASH_Update
NSS_Initialize
TMethodImplementationIntercept
WNetAddConnection2A
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

Size: - Virtual size: 13.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.2MB - Virtual size: 7.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

540fde2772bd220df6277bd213c21b59

Code Sign

01Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

01Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6bCertificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

92:78:02:9d:03:39:b1:1c:0c:3d:01:0f:9c:a8:fb:66:5d:a1:74:93:ce:ca:36:66:35:39:36:c9:33:82:69:ceSigner

e5:b4:d2:12:d8:6a:b3:35:02:4d:2a:a6:43:fe:ce:dd:5a:a1:f9:3dSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

urlmon

comctl32

gdi32

shfolder

winmm

magnification

netapi32

wsock32

version

oleaut32

ole32

shell32

Exports

Exports

Sections

Size: - Virtual size: 13.4MB

Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 1KB - Virtual size: 4KB

.rsrc Size: 3.2MB - Virtual size: 7.9MB

Size: 95KB - Virtual size: 96KB

01
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

01
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

92:78:02:9d:03:39:b1:1c:0c:3d:01:0f:9c:a8:fb:66:5d:a1:74:93:ce:ca:36:66:35:39:36:c9:33:82:69:ce
Signer

e5:b4:d2:12:d8:6a:b3:35:02:4d:2a:a6:43:fe:ce:dd:5a:a1:f9:3d
Signer

.rsrc
Size: 3.2MB - Virtual size: 7.9MB