bf32e333d663fe20ab1c77d2f3f3af946fb159c51b1cd3b4b2afd6fc3e1897bb[.]rar

Resubmissions

14-05-2023 23:14

230514-28eq7sgb8z 10

Sharing

Copy URL

Twitter E-mail

General

Target

bf32e333d663fe20ab1c77d2f3f3af946fb159c51b1cd3b4b2afd6fc3e1897bb.rar
Size

917KB
MD5

ce394be06f41a579a7f0ebebe0b61d3c
SHA1

7140c53ab25d95c2e031c3e546a5d69c72d3a77c
SHA256

88380436e1de1a6f4ad4c81131fd32734889e3cdf0a71029df19c1cad01fbc7a
SHA512

a218b58ad11f6f0ba4f6089fe2a3b3fd059426227d58bc1931e8a360e85d19fe95275e77c4e1ba56c04ebfeeefe284b5bdca82a2696bf644f73300c634a139b3
SSDEEP

24576:J69Yc1eaKpHsvQezkVfZzmckXNf5NklgfkGQppv9:81+3XqmGM

Score

1^/10

Malware Config

Signatures

Files

bf32e333d663fe20ab1c77d2f3f3af946fb159c51b1cd3b4b2afd6fc3e1897bb.rar
.rar
bf32e333d663fe20ab1c77d2f3f3af946fb159c51b1cd3b4b2afd6fc3e1897bb
.exe windows:4 windows x86 arch:x86

3d5653e951869b517f5970bc8af2ea09

Code Sign

6c:a5:71:23:eb:72:2a:ba:4c:17:c3:5c:1a:0d:6d:83
Certificate

Issuer

CN=AEQATRXK

Not Before

12-02-2019 19:09

Not After

31-12-2039 23:59

Subject

CN=AEQATRXK

Extended Key Usages

ExtKeyUsageCodeSigning

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

88:ba:7f:ed:80:21:50:4b:b0:7a:f2:86:37:78:a0:01:99:56:f9:9c
Signer

Actual PE Digest

88:ba:7f:ed:80:21:50:4b:b0:7a:f2:86:37:78:a0:01:99:56:f9:9c

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
ExitProcess
WriteFile
SetFilePointer
GetCurrentProcessId
GetCurrentThreadId
GetCommandLineW
GlobalFree
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryW
GlobalAlloc
lstrcpynW
lstrcpyW
GetPrivateProfileStringW
GetVersionExW
lstrcmpiW
GetModuleHandleW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
lstrcatW
CompareStringW
GetFullPathNameW
GetPrivateProfileIntW
CreateSemaphoreW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CloseHandle
GetCommandLineA
GetVersionExA
GetModuleHandleA
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LoadLibraryA
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
VirtualProtect
GetSystemInfo
SetStdHandle
GetLocaleInfoW
FlushFileBuffers
Sleep
LocalFree
lstrcmpW
lstrlenW
GetStartupInfoA
GetModuleFileNameW

user32

GetSubMenu
GetMenu
IsWindowEnabled
GetLastActivePopup
GetForegroundWindow
RegisterClassA
CreateWindowExW
GetClassInfoA
GetClassInfoW
GetDlgCtrlID
GetTopWindow
AdjustWindowRectEx
SystemParametersInfoA
GetMonitorInfoA
MonitorFromWindow
RemovePropA
GetPropA
SetPropA
SetWindowLongW
GetWindowTextA
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
GetAsyncKeyState
SendDlgItemMessageA
DrawFocusRect
DrawIcon
CharPrevA
DestroyWindow
IsCharAlphaNumericA
CharNextA
GetDC
ReleaseDC
MapDialogRect
MessageBoxW
ShowWindow
LoadMenuW
GetSysColorBrush
InSendMessage
CharUpperW
GetMenuContextHelpId
GetDialogBaseUnits

gdi32

CreateMetaFileA
GetBkColor
SaveDC
DeleteMetaFile
UpdateColors

advapi32

RegOpenKeyExA
RegQueryValueExW

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Resubmissions

Sharing

General

Malware Config

Signatures

Files

3d5653e951869b517f5970bc8af2ea09

Code Sign

6c:a5:71:23:eb:72:2a:ba:4c:17:c3:5c:1a:0d:6d:83Certificate

Extended Key Usages

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

88:ba:7f:ed:80:21:50:4b:b0:7a:f2:86:37:78:a0:01:99:56:f9:9cSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 153KB - Virtual size: 152KB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 4KB - Virtual size: 523KB

6c:a5:71:23:eb:72:2a:ba:4c:17:c3:5c:1a:0d:6d:83
Certificate

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

88:ba:7f:ed:80:21:50:4b:b0:7a:f2:86:37:78:a0:01:99:56:f9:9c
Signer

.text
Size: 153KB - Virtual size: 152KB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 4KB - Virtual size: 523KB