22e2bcca5afd5e52dd8c3f38733f0536

Sharing

Copy URL

Twitter E-mail

General

Target

22e2bcca5afd5e52dd8c3f38733f0536
Size

2.0MB
MD5

22e2bcca5afd5e52dd8c3f38733f0536
SHA1

daa357db2376cd8bacf90ec54d463ae01285a0d7
SHA256

ebc65a0de1181cf74562042be9a2c87fadc0e3982fb5c15d27a58570ed155746
SHA512

a657978d60524ffae6635a946b534c2c9001035d54ca0d1ed53cd9e3c5abbcdd93b65dd9f1c947fb3de32ee9286f766b5cf971ac337dc3d4bca0a6508fd35d49
SSDEEP

3072:RrUbfrh/TP/lpDbIqUKQ0yzMrPye1TMhj4fujyaVzm28NaU:ybFLP/bXHUFzAae1bujL9d8Nd

Score

1^/10

Malware Config

Signatures

Files

22e2bcca5afd5e52dd8c3f38733f0536
.dll windows:4 windows x86 arch:x86

9f218d386c5c8cb163315c801b4de4d7

Code Sign

f6:75:13:9e:a6:8b:89:7a:86:5a:98:f8:e4:61:1f:00
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-12-2020 00:00

Not After

03-12-2021 23:59

Subject

CN=BS TEHNIK d.o.o.,O=BS TEHNIK d.o.o.,POSTALCODE=1225,STREET=Vevrov trg 1,L=Lukovica,C=SI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01-01-2004 00:00

Not After

31-12-2028 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

12-03-2019 00:00

Not After

31-12-2028 23:59

Subject

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-11-2018 00:00

Not After

31-12-2030 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dc:a5:ed:01:11:b0:11:f2:9f:c8:2c:85:d7:d5:33:58:39:8e:43:53
Signer

Actual PE Digest

dc:a5:ed:01:11:b0:11:f2:9f:c8:2c:85:d7:d5:33:58:39:8e:43:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GetLastError
VirtualAllocEx
GetCurrentProcessId
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
lstrcmpiW
lstrlenW
GetTickCount
lstrcpyW
lstrcatW
OpenEventW
SetEvent
CreateEventW
CloseHandle
CreateProcessW
GetModuleFileNameW
ExitProcess
GetCommandLineW
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcess

user32

LoadIconA
GetMenuContextHelpId
GetLastActivePopup
GetWindowTextLengthA
IsClipboardFormatAvailable
GetListBoxInfo
GetInputState
IsCharLowerW
IsMenu
IsCharUpperA
GetCapture
VkKeyScanW
CountClipboardFormats
GetOpenClipboardWindow
OpenIcon
CharUpperW
GetClipboardData
LoadCursorFromFileW
GetKeyboardLayout
GetWindowTextLengthW
CloseWindowStation
GetClipboardSequenceNumber
GetMenuCheckMarkDimensions
IsCharAlphaNumericA
GetMessageTime
PaintDesktop
GetParent
CharNextA
GetSystemMetrics
IsCharUpperW
CharUpperA
IsCharAlphaNumericW
WindowFromDC
DestroyMenu
DestroyIcon
IsWindowUnicode
IsCharLowerA
GetDC
IsCharAlphaW
VkKeyScanA
EndMenu
IsWindowVisible
DrawMenuBar
GetDialogBaseUnits
CreatePopupMenu
GetFocus
GetWindowContextHelpId
GetKeyboardType
IsCharAlphaA
GetDlgCtrlID
DestroyCursor
GetQueueStatus
GetCaretBlinkTime
GetThreadDesktop
GetShellWindow
ShowCaret
CloseClipboard
CopyIcon
GetDesktopWindow
GetDoubleClickTime
GetForegroundWindow
OemKeyScan
LoadStringA
MessageBoxA
SetThreadDesktop
ReleaseDC
OpenInputDesktop
GetWindowRect
GetWindowDC
GetUserObjectInformationA
GetSysColor
GetIconInfo
FillRect
DrawTextA
DrawIconEx
CreateIcon
CloseDesktop
CharLowerBuffA
CharToOemA

gdi32

GetStockObject
GetEnhMetaFileW
GetEnhMetaFileBits
StrokePath
DeleteEnhMetaFile
CloseMetaFile
GetTextCharset
DeleteObject
GetStretchBltMode
CreateSolidBrush
GetObjectType
CancelDC
CreatePatternBrush
GetColorSpace
CloseEnhMetaFile
CreateHalftonePalette
FlattenPath
EndPath
GetPixelFormat
EndPage
GetEnhMetaFileA
GetBkColor
UpdateColors
UnrealizeObject
GetGraphicsMode
DeleteMetaFile
GetDCBrushColor
GetBkMode
CreateMetaFileA
GetMapMode
SaveDC
GdiGetBatchLimit
WidenPath
RealizePalette
CreateMetaFileW
GetSystemPaletteUse
BeginPath
DeleteDC
GetLayout

advapi32

RegOpenKeyA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text8
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text7
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text6
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text5
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 573B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f218d386c5c8cb163315c801b4de4d7

Code Sign

f6:75:13:9e:a6:8b:89:7a:86:5a:98:f8:e4:61:1f:00Certificate

Extended Key Usages

Key Usages

01Certificate

Key Usages

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

dc:a5:ed:01:11:b0:11:f2:9f:c8:2c:85:d7:d5:33:58:39:8e:43:53Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 5KB - Virtual size: 5KB

.text8 Size: 512B - Virtual size: 300B

.text7 Size: 512B - Virtual size: 300B

.text6 Size: 512B - Virtual size: 300B

.text5 Size: 512B - Virtual size: 300B

.text4 Size: 512B - Virtual size: 300B

.text3 Size: 512B - Virtual size: 300B

.text2 Size: 512B - Virtual size: 300B

.rdata Size: 1024B - Virtual size: 573B

.data Size: 2.0MB - Virtual size: 2.0MB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 884B

f6:75:13:9e:a6:8b:89:7a:86:5a:98:f8:e4:61:1f:00
Certificate

01
Certificate

39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

dc:a5:ed:01:11:b0:11:f2:9f:c8:2c:85:d7:d5:33:58:39:8e:43:53
Signer

.text
Size: 5KB - Virtual size: 5KB

.text8
Size: 512B - Virtual size: 300B

.text7
Size: 512B - Virtual size: 300B

.text6
Size: 512B - Virtual size: 300B

.text5
Size: 512B - Virtual size: 300B

.text4
Size: 512B - Virtual size: 300B

.text3
Size: 512B - Virtual size: 300B

.text2
Size: 512B - Virtual size: 300B

.rdata
Size: 1024B - Virtual size: 573B

.data
Size: 2.0MB - Virtual size: 2.0MB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 884B