b71ed1f09e16ce89c7ea9b64feba1e8d39b8103191062ec3f85dc8a689ac3525[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b71ed1f09e16ce89c7ea9b64feba1e8d39b8103191062ec3f85dc8a689ac3525.exe
Size

294KB
MD5

358e8aca62af3968c2468ea48ab51666
SHA1

f56a9aeac008bbb6b7f55ab2724fb62ecf7141cf
SHA256

b71ed1f09e16ce89c7ea9b64feba1e8d39b8103191062ec3f85dc8a689ac3525
SHA512

c930f4d75ec28cbb3284e94133c727bd4dd3dc55ba1fc765b5c7bfd1a910289eec6e66345b936713f3ccb079675a137f6ddc941d15a678c1c85e6d71499d0f63
SSDEEP

6144:CDm7mfz+SOkynqxlZw3wWTEYZvjBNbGagbE567V9KKSwhOg:CDm7W+WpHZw3wYlZvNwK6B9K3w3

Score

1^/10

Malware Config

Signatures

Files

b71ed1f09e16ce89c7ea9b64feba1e8d39b8103191062ec3f85dc8a689ac3525.exe
.exe windows:4 windows x86 arch:x86

a3e64c26b46a2ec2368b17357b523427

Code Sign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2023 19:51

Not After

16-10-2024 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

96:c2:9a:e8:21:84:4a:95:1e:4f:92:11:89:c3:f8:05:0e:df:bc:03:d9:16:e1:2f:db:83:66:1d:45:b2:ae:75
Signer

Actual PE Digest

96:c2:9a:e8:21:84:4a:95:1e:4f:92:11:89:c3:f8:05:0e:df:bc:03:d9:16:e1:2f:db:83:66:1d:45:b2:ae:75

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
CreateBitmap
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetObjectA
SelectPalette

kernel32

LCMapStringA
IsBadCodePtr
GetStringTypeW
GetStringTypeA
LCMapStringW
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetACP
HeapSize
RaiseException
TerminateProcess
RtlUnwind
GetCommandLineA
GetStartupInfoA
GetOEMCP
GetCPInfo
FlushFileBuffers
SetFilePointer
WriteFile
SetErrorMode
GetProcessVersion
GetVersion
GlobalGetAtomNameA
SetStdHandle
GlobalAddAtomA
GlobalFindAtomA
GetLastError
SetLastError
MultiByteToWideChar
InterlockedIncrement
lstrcpyA
lstrcatA
WritePrivateProfileStringA
InterlockedDecrement
GlobalFlags
lstrlenA
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetCurrentProcess
OpenProcess
CloseHandle
QueryDosDeviceW
lstrlenW
WideCharToMultiByte
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
FreeLibrary
GetProcAddress
LoadLibraryA

psapi

GetProcessImageFileNameW

user32

SetCursor
EnableWindow
GetWindowLongA
IsWindowEnabled
GetLastActivePopup
GetParent
SetWindowsHookExA
GetCursorPos
PeekMessageA
IsWindowVisible
ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
GetNextDlgTabItem
SendMessageA
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetClassNameA
PtInRect
GetWindowRect
GetDlgCtrlID
GetWindow
ClientToScreen
SetWindowTextA
GetWindowTextA
UnhookWindowsHookEx
GetMenuItemCount
PostMessageA
PostQuitMessage
wsprintfA
GetFocus
GrayStringA
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
DestroyMenu
LoadStringA
GetSysColorBrush
LoadCursorA
LoadIconA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
GetClientRect
CopyRect
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongA
GetDlgItem
MessageBoxA
UnregisterClassA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

comctl32

ord17

oleaut32

VariantTimeToSystemTime

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a3e64c26b46a2ec2368b17357b523427

Code Sign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

96:c2:9a:e8:21:84:4a:95:1e:4f:92:11:89:c3:f8:05:0e:df:bc:03:d9:16:e1:2f:db:83:66:1d:45:b2:ae:75Signer

Headers

File Characteristics

Imports

gdi32

kernel32

psapi

user32

winspool.drv

advapi32

comctl32

oleaut32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 144KB - Virtual size: 202KB

.rsrc Size: 36KB - Virtual size: 33KB

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

96:c2:9a:e8:21:84:4a:95:1e:4f:92:11:89:c3:f8:05:0e:df:bc:03:d9:16:e1:2f:db:83:66:1d:45:b2:ae:75
Signer

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 144KB - Virtual size: 202KB

.rsrc
Size: 36KB - Virtual size: 33KB