bf32e333d663fe20ab1c77d2f3f3af946fb159c51b1cd3b4b2afd6fc3e1897bb

Sharing

Copy URL

Twitter E-mail

General

Target

bf32e333d663fe20ab1c77d2f3f3af946fb159c51b1cd3b4b2afd6fc3e1897bb
Size

1.5MB
MD5

695a0d416cdccad008acb2369b0165a2
SHA1

c9002f65273ac587f5753f50cf61911885d92521
SHA256

bf32e333d663fe20ab1c77d2f3f3af946fb159c51b1cd3b4b2afd6fc3e1897bb
SHA512

e92a53c963f5aacf94cbbda3da097d1f29140459ff552d5659ecca3f6c33aec6063c13ce16d3ff6c0046ee88400c6bc5bf410aa9fbc4513c478c0bc0423de051
SSDEEP

24576:kcDD3THmsmB7K1k52fzgtv0HqIYG3yC3Q1KbeRho7KWU8RKDyAlAY:bTHmsq72zgtv0HYG37bD7KWU8UhV

Score

1^/10

Malware Config

Signatures

Files

bf32e333d663fe20ab1c77d2f3f3af946fb159c51b1cd3b4b2afd6fc3e1897bb
.exe windows:4 windows x86 arch:x86

3d5653e951869b517f5970bc8af2ea09

Code Sign

6c:a5:71:23:eb:72:2a:ba:4c:17:c3:5c:1a:0d:6d:83
Certificate

Issuer

CN=AEQATRXK

Not Before

12-02-2019 19:09

Not After

31-12-2039 23:59

Subject

CN=AEQATRXK

Extended Key Usages

ExtKeyUsageCodeSigning

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

88:ba:7f:ed:80:21:50:4b:b0:7a:f2:86:37:78:a0:01:99:56:f9:9c
Signer

Actual PE Digest

88:ba:7f:ed:80:21:50:4b:b0:7a:f2:86:37:78:a0:01:99:56:f9:9c

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
ExitProcess
WriteFile
SetFilePointer
GetCurrentProcessId
GetCurrentThreadId
GetCommandLineW
GlobalFree
FreeLibrary
GetProcAddress
GetLastError
LoadLibraryW
GlobalAlloc
lstrcpynW
lstrcpyW
GetPrivateProfileStringW
GetVersionExW
lstrcmpiW
GetModuleHandleW
FindClose
FindNextFileW
DeleteFileW
SetFileAttributesW
FindFirstFileW
lstrcatW
CompareStringW
GetFullPathNameW
GetPrivateProfileIntW
CreateSemaphoreW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CloseHandle
GetCommandLineA
GetVersionExA
GetModuleHandleA
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetCPInfo
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
LoadLibraryA
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
VirtualProtect
GetSystemInfo
SetStdHandle
GetLocaleInfoW
FlushFileBuffers
Sleep
LocalFree
lstrcmpW
lstrlenW
GetStartupInfoA
GetModuleFileNameW

user32

GetSubMenu
GetMenu
IsWindowEnabled
GetLastActivePopup
GetForegroundWindow
RegisterClassA
CreateWindowExW
GetClassInfoA
GetClassInfoW
GetDlgCtrlID
GetTopWindow
AdjustWindowRectEx
SystemParametersInfoA
GetMonitorInfoA
MonitorFromWindow
RemovePropA
GetPropA
SetPropA
SetWindowLongW
GetWindowTextA
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
GetAsyncKeyState
SendDlgItemMessageA
DrawFocusRect
DrawIcon
CharPrevA
DestroyWindow
IsCharAlphaNumericA
CharNextA
GetDC
ReleaseDC
MapDialogRect
MessageBoxW
ShowWindow
LoadMenuW
GetSysColorBrush
InSendMessage
CharUpperW
GetMenuContextHelpId
GetDialogBaseUnits

gdi32

CreateMetaFileA
GetBkColor
SaveDC
DeleteMetaFile
UpdateColors

advapi32

RegOpenKeyExA
RegQueryValueExW

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 523KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d5653e951869b517f5970bc8af2ea09

Code Sign

6c:a5:71:23:eb:72:2a:ba:4c:17:c3:5c:1a:0d:6d:83Certificate

Extended Key Usages

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0bCertificate

Extended Key Usages

Key Usages

88:ba:7f:ed:80:21:50:4b:b0:7a:f2:86:37:78:a0:01:99:56:f9:9cSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 153KB - Virtual size: 152KB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 4KB - Virtual size: 523KB

6c:a5:71:23:eb:72:2a:ba:4c:17:c3:5c:1a:0d:6d:83
Certificate

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

88:ba:7f:ed:80:21:50:4b:b0:7a:f2:86:37:78:a0:01:99:56:f9:9c
Signer

.text
Size: 153KB - Virtual size: 152KB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 4KB - Virtual size: 523KB