ba00fdc92ceaa66612cda52a770bda7961f8cee511e714b6db208583e9f40729[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

ba00fdc92ceaa66612cda52a770bda7961f8cee511e714b6db208583e9f40729.rar
Size

563KB
MD5

ac91c9ee7a512e8664bf6a9558350779
SHA1

dc00210f7dcab517da0368c3ba0d869f268fc588
SHA256

f71e7fd0bc83b939fe7750785957982d55c11810d0ce254220ec42ab0b43ef22
SHA512

38677387acec48dac32f672f8e7b6f7abe768495dc854b6b5111f42f11e54e8a6be8d4d637271dece2fb1be2bb3c2739b2f5c918d3309b530808cd0c11aec322
SSDEEP

12288:89x/lLfKjOsCUKvkyeAqz+fxsI5qcHnfT4dYxVo/CPNKh9gW:WxdLfKjD4syL4+n5qcHfT4qxoCVKYW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/install-x86_no_cert.exe.vir

Files

ba00fdc92ceaa66612cda52a770bda7961f8cee511e714b6db208583e9f40729.rar
.rar
install-x86_cert.exe.vir
.exe .ps1 windows:4 windows x64 arch:x64 polyglot

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:ad:97:75:71:e5:07:9c:2a:d3:84:6d:61:ce:6e:54
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28-05-2024 00:00

Not After

07-05-2025 23:59

Subject

SERIALNUMBER=1083756-3,CN=Plus 5 XP Corporation,O=Plus 5 XP Corporation,L=Montreal,ST=Quebec,C=CA,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024341

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

de:5d:c9:c4:57:bf:f0:63:a2:48:0d:eb:f6:4a:45:59:8b:d1:14:9c:1c:b2:dc:4b:f7:d9:f2:b5:58:ab:51:5c
Signer

Actual PE Digest

de:5d:c9:c4:57:bf:f0:63:a2:48:0d:eb:f6:4a:45:59:8b:d1:14:9c:1c:b2:dc:4b:f7:d9:f2:b5:58:ab:51:5c

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 305.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
install-x86_no_cert.exe.vir
.exe .ps1 windows:4 windows x64 arch:x64 polyglot

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 305.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

03:ad:97:75:71:e5:07:9c:2a:d3:84:6d:61:ce:6e:54Certificate

Extended Key Usages

Key Usages

de:5d:c9:c4:57:bf:f0:63:a2:48:0d:eb:f6:4a:45:59:8b:d1:14:9c:1c:b2:dc:4b:f7:d9:f2:b5:58:ab:51:5cSigner

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 296KB - Virtual size: 296KB

.rsrc Size: 1.2MB - Virtual size: 305.1MB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 296KB - Virtual size: 296KB

.rsrc Size: 1.2MB - Virtual size: 305.1MB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

03:ad:97:75:71:e5:07:9c:2a:d3:84:6d:61:ce:6e:54
Certificate

de:5d:c9:c4:57:bf:f0:63:a2:48:0d:eb:f6:4a:45:59:8b:d1:14:9c:1c:b2:dc:4b:f7:d9:f2:b5:58:ab:51:5c
Signer

.text
Size: 296KB - Virtual size: 296KB

.rsrc
Size: 1.2MB - Virtual size: 305.1MB

.text
Size: 296KB - Virtual size: 296KB

.rsrc
Size: 1.2MB - Virtual size: 305.1MB