Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
Overview
overview
9Static
static
3PlanSwift ...PT.zip
windows7-x64
1PlanSwift ...PT.zip
windows10-2004-x64
1MAYANPROPHECY.nfo
windows7-x64
1MAYANPROPHECY.nfo
windows10-2004-x64
1planswift....PT.exe
windows7-x64
7planswift....PT.exe
windows10-2004-x64
7PlanSwift ...me.txt
windows7-x64
1PlanSwift ...me.txt
windows10-2004-x64
1PlanSwift ...ro.exe
windows7-x64
7PlanSwift ...ro.exe
windows10-2004-x64
9Static task
static1
Behavioral task
behavioral1
Sample
PlanSwift Pro 11.0.0.129 Multilingual/Patch/PlanSwift.10.2.4.32.Patch-MPT.zip
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
PlanSwift Pro 11.0.0.129 Multilingual/Patch/PlanSwift.10.2.4.32.Patch-MPT.zip
Resource
win10v2004-20240419-en
Behavioral task
behavioral3
Sample
MAYANPROPHECY.nfo
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
MAYANPROPHECY.nfo
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
planswift.10.2.4.32-MPT.exe
Resource
win7-20240419-en
Behavioral task
behavioral6
Sample
planswift.10.2.4.32-MPT.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral7
Sample
PlanSwift Pro 11.0.0.129 Multilingual/Readme.txt
Resource
win7-20240215-en
Behavioral task
behavioral8
Sample
PlanSwift Pro 11.0.0.129 Multilingual/Readme.txt
Resource
win10v2004-20240426-en
Behavioral task
behavioral9
Sample
PlanSwift Pro 11.0.0.129 Multilingual/ps11.0.0.129pro.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
PlanSwift Pro 11.0.0.129 Multilingual/ps11.0.0.129pro.exe
Resource
win10v2004-20240419-en
Target
PlanSwiftPro11.0.0.129.h.taiwebs.com.zip
Size
52.4MB
MD5
0513b13f4526f633d44bed89de1948ce
SHA1
89f8ad623f5ff6fdb781b93e1e8dc9526e87839c
SHA256
a43d8cb0d062f4edd8cb01af15c982ef9bfb7116f2c79fda2338d4b369fcc3cc
SHA512
f929490fbd4c7dbee32023a6179457e367d6e2936e17e822fa7230b218c50c3b4eeb23e94312c1cce67ba1b59b31ca7c0cc7a398233737fb8e16fc915fa14f47
SSDEEP
786432:fIQAG7nTheCDLYZKzI7w92hkmtfkQwhFT+pE9SEgO1gbYgDPKXrIPJJWagf/PNcG:fI4rThVYoM7iYXMVcEUYKKCJa+G
Checks for missing Authenticode signature.
resource |
---|
unpack002/planswift.10.2.4.32-MPT.exe |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
DeleteFileA
ExitProcess
FindResourceA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetTempPathA
LoadLibraryA
LoadResource
RtlMoveMemory
SizeofResource
VirtualAlloc
lstrcatA
CloseHandle
CreateFileA
FlushFileBuffers
WriteFile
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ