General

Malware Config

Signatures

Files

• mm2_script.exe

  .exe windows:5 windows x86 arch:x86

  
  

  Code Sign

  04:00:00:00:00:01:2f:4e:e1:52:d7

  Certificate

  Issuer

  CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

  Not Before

  13-04-2011 10:00

  Not After

  28-01-2028 12:00

  Subject

  CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  04:00:00:00:00:01:25:07:1d:f9:af

  Certificate

  Issuer

  CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

  Not Before

  18-11-2009 10:00

  Not After

  18-03-2019 10:00

  Subject

  CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd

  Certificate

  Issuer

  CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

  Not Before

  15-06-2016 00:00

  Not After

  15-06-2024 00:00

  Subject

  CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

  Extended Key Usages

  ExtKeyUsageCodeSigning

  ExtKeyUsageOCSPSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14

  Certificate

  Issuer

  CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

  Not Before

  24-05-2016 00:00

  Not After

  24-06-2027 00:00

  Subject

  CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  63:f0:73:48:d0:f3:50:40:ad:b2:ec:28

  Certificate

  Issuer

  CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

  Not Before

  02-09-2016 08:26

  Not After

  03-09-2018 08:26

  Subject

  CN=Acer Incorporated,O=Acer Incorporated,L=New Taipei,ST=New Taipei,C=TW

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  61:29:15:27:00:00:00:00:00:2a

  Certificate

  Issuer

  CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

  Not Before

  15-04-2011 19:55

  Not After

  15-04-2021 20:05

  Subject

  CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  75:b8:d4:bb:d8:61:23:03:3a:f1:2e:62:26:e3:27:85:41:e9:42:b5:1e:b5:89:1c:d7:be:92:b3:96:39:13:3b

  Signer

  Actual PE Digest

  75:b8:d4:bb:d8:61:23:03:3a:f1:2e:62:26:e3:27:85:41:e9:42:b5:1e:b5:89:1c:d7:be:92:b3:96:39:13:3b

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Sections

  Size: 54KB - Virtual size: 129KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  Size: 13KB - Virtual size: 45KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  Size: 2.1MB - Virtual size: 7.1MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  Size: 8KB - Virtual size: 32KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 356KB - Virtual size: 355KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .idata

  Size: 512B - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .themida

  Size: - Virtual size: 3.1MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .boot

  Size: 1.1MB - Virtual size: 1.1MB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ