8390c9aff9b8f652c36252270d51fb30

Sharing

Copy URL

Twitter E-mail

General

Target

8390c9aff9b8f652c36252270d51fb30
Size

529KB
MD5

8390c9aff9b8f652c36252270d51fb30
SHA1

919ce33025c1901a2088b77c8543eb729fccf17a
SHA256

f41d351cba690cf05e4b5e5597b71697eb2e9125b656927aaf93edba25fbc8cd
SHA512

c1d5326f0a40d673aa1647842915d6eab70a34383238387bc2b7b4027d38d6d07676b71ff0a7e3d71d884c080f315714792459aaf49f90c3970404f032fe1a19
SSDEEP

12288:ntCE7dSeqW+MNurWAFKlJejMSH6nimDC2t:bdSeSvrWAFK7ejNa/e0

Score

1^/10

Malware Config

Signatures

Files

8390c9aff9b8f652c36252270d51fb30
.dll windows:5 windows x86 arch:x86

893b3c6ab75c9d2e34ac699ab426df7b

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-12-2020 00:00

Not After

18-12-2023 23:59

Subject

CN=VideoLAN,O=VideoLAN,L=Paris,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

14-12-2020 00:00

Not After

18-12-2023 23:59

Subject

CN=VideoLAN,O=VideoLAN,L=Paris,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5e:f4:bc:cf:62:77:7b:d9:08:fd:cc:03:5c:ab:ca:6d:f7:2d:da:e8:e0:50:e0:89:a6:79:59:29:05:d6:4f:ec
Signer

Actual PE Digest

5e:f4:bc:cf:62:77:7b:d9:08:fd:cc:03:5c:ab:ca:6d:f7:2d:da:e8:e0:50:e0:89:a6:79:59:29:05:d6:4f:ec

Digest Algorithm

sha256

PE Digest Matches

false

5d:7d:9a:f1:0d:19:e1:21:47:14:ae:0a:98:11:22:59:c8:cc:06:d6
Signer

Actual PE Digest

5d:7d:9a:f1:0d:19:e1:21:47:14:ae:0a:98:11:22:59:c8:cc:06:d6

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\new\Kept\Especially\act m\home.pdb

Imports

kernel32

WaitForSingleObject
SetEvent
LoadLibraryW
Sleep
GetModuleFileNameW
GetTempPathW
GetCurrentDirectoryW
GetProcAddress
VirtualProtect
FlushFileBuffers
CloseHandle
CreateFileA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
RtlUnwind
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
DebugBreak
WriteFile
InitializeCriticalSectionAndSpinCount
IsValidCodePage
GetCPInfo
GetOEMCP
GetACP
VirtualAlloc
HeapReAlloc
HeapSize
HeapAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
InterlockedDecrement
GetLastError
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
GetCurrentThreadId
GetCommandLineA
HeapValidate
IsBadReadPtr
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TlsGetValue
GetModuleHandleW
TlsAlloc

user32

UnhookWinEvent
SetWinEventHook

ole32

OleUninitialize
OleSetContainedObject
OleInitialize

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

oleacc

GetRoleTextW
GetOleaccVersionInfo
AccessibleObjectFromPoint

pdh

PdhLookupPerfNameByIndexW
PdhComputeCounterStatistics
PdhGetDefaultPerfObjectHW
PdhCollectQueryDataEx
PdhEnumObjectsHW
PdhGetDefaultPerfCounterHW
PdhGetCounterInfoW
PdhSetCounterScaleFactor
PdhEnumObjectItemsHW
PdhReadRawLogRecord
PdhLookupPerfIndexByNameW
PdhValidatePathW
PdhCreateSQLTablesW
PdhBrowseCountersHW
PdhGetRawCounterValue
PdhGetDllVersion
PdhAddCounterW
PdhEnumObjectItemsW
PdhRemoveCounter
PdhCalculateCounterFromRawValue
PdhParseCounterPathW
PdhGetDataSourceTimeRangeH
PdhOpenLogW
PdhGetDataSourceTimeRangeW
PdhOpenQueryW
PdhUpdateLogFileCatalog
PdhCloseLog
PdhGetLogSetGUID
PdhGetDefaultPerfCounterW
PdhConnectMachineW
PdhUpdateLogW
PdhGetCounterTimeBase
PdhGetDefaultPerfObjectW
PdhBrowseCountersW
PdhFormatFromRawValue
PdhBindInputDataSourceW
PdhEnumMachinesHW
PdhEnumMachinesW
PdhExpandWildCardPathW
PdhMakeCounterPathW
PdhSelectDataSourceW
PdhGetFormattedCounterValue
PdhSetLogSetRunID
PdhCloseQuery
PdhOpenQueryH
PdhVerifySQLDBW
PdhGetRawCounterArrayW
PdhParseInstanceNameW
PdhExpandWildCardPathHW
PdhEnumLogSetNamesW
PdhExpandCounterPathW
PdhSetDefaultRealTimeDataSource
PdhGetFormattedCounterArrayW
PdhEnumObjectsW
PdhSetQueryTimeRange
PdhGetLogFileSize

Exports

Exports

Edge
Lowof

Sections

.text
Size: 493KB - Virtual size: 492KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

893b3c6ab75c9d2e34ac699ab426df7b

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39Certificate

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39Certificate

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

5e:f4:bc:cf:62:77:7b:d9:08:fd:cc:03:5c:ab:ca:6d:f7:2d:da:e8:e0:50:e0:89:a6:79:59:29:05:d6:4f:ecSigner

5d:7d:9a:f1:0d:19:e1:21:47:14:ae:0a:98:11:22:59:c8:cc:06:d6Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ole32

version

oleacc

pdh

Exports

Exports

Sections

.text Size: 493KB - Virtual size: 492KB

.data Size: 4KB - Virtual size: 98KB

.reloc Size: 16KB - Virtual size: 15KB

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

04:07:ab:b6:4e:99:90:18:07:89:ea:cb:81:f5:f9:14
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

5e:f4:bc:cf:62:77:7b:d9:08:fd:cc:03:5c:ab:ca:6d:f7:2d:da:e8:e0:50:e0:89:a6:79:59:29:05:d6:4f:ec
Signer

5d:7d:9a:f1:0d:19:e1:21:47:14:ae:0a:98:11:22:59:c8:cc:06:d6
Signer

.text
Size: 493KB - Virtual size: 492KB

.data
Size: 4KB - Virtual size: 98KB

.reloc
Size: 16KB - Virtual size: 15KB