MultiTool[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

MultiTool.exe
Size

45.6MB
MD5

683c558e66fac6c1c1e28817e0c9c870
SHA1

a9739602bd7c5794d02bf40d409d46d0c093e836
SHA256

45a0528c83d107f82f00308f3f91c902bf85fe7390614b51708e4d0206e33ae7
SHA512

660191074bdb8408a4992be93e390485af47398b4634b1e1e3b07543d7a1eb2cbd8187a2ce8b9376bb40c11c407124505e75849be6306a85d13c27906e03cb1e
SSDEEP

786432:b6gK5YgxgDg5gUgDg5gnrgR55EhNfaHlOwropez//5:b66gGY5GYQrC4h9aH/roY//5

Score

1^/10

Malware Config

Signatures

Files

MultiTool.exe
.exe windows:4 windows x64 arch:x64

Code Sign

24:4c:bc:25:3c:1f:60:0c
Certificate

Issuer

CN=9de6b3d1-2171-41d6-bbb1-24516f260a6c

Not Before

08/11/2023, 23:35

Not After

08/11/2024, 11:35

Subject

CN=9de6b3d1-2171-41d6-bbb1-24516f260a6c

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:8f:26:1a:5a:db:54:1a:dd:ad:0d:30:d9:ad:7d:8d:40:01:37:6c:32:00:31:ad:72:99:bf:23:b8:1e:0a:9e
Signer

Actual PE Digest

c3:8f:26:1a:5a:db:54:1a:dd:ad:0d:30:d9:ad:7d:8d:40:01:37:6c:32:00:31:ad:72:99:bf:23:b8:1e:0a:9e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 45.5MB - Virtual size: 45.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

24:4c:bc:25:3c:1f:60:0cCertificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

c3:8f:26:1a:5a:db:54:1a:dd:ad:0d:30:d9:ad:7d:8d:40:01:37:6c:32:00:31:ad:72:99:bf:23:b8:1e:0a:9eSigner

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 45.5MB - Virtual size: 45.5MB

.rsrc Size: 116KB - Virtual size: 115KB

24:4c:bc:25:3c:1f:60:0c
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

c3:8f:26:1a:5a:db:54:1a:dd:ad:0d:30:d9:ad:7d:8d:40:01:37:6c:32:00:31:ad:72:99:bf:23:b8:1e:0a:9e
Signer

.text
Size: 45.5MB - Virtual size: 45.5MB

.rsrc
Size: 116KB - Virtual size: 115KB