a2406355f215cd645a6309879cc29950N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

a2406355f215cd645a6309879cc29950N.exe
Size

62KB
MD5

a2406355f215cd645a6309879cc29950
SHA1

02d292b4e80ebe4edb9e4bfdb554aa2431a49c8d
SHA256

8e2d89c289978a5b284afcf9c1335dd79bc884712442bf2e1d0dc35caf1f1d37
SHA512

8718d412776736ec3e98c84e95785680b3df27b3807334f12b97ac90945ea066478aea9f06bc3bcb7da01ac680380da4ef66b1ae67047604157ca2d84a223294
SSDEEP

1536:Orw/8YCpFcsQmdmNID8nlpdJT8/ON/sB7lPlxX:Orx55INID8nlpv8/ON/sBh

Score

1^/10

Malware Config

Signatures

Files

a2406355f215cd645a6309879cc29950N.exe
.dll windows:6 windows x86 arch:x86

0cf241520b80d0905507b2342ad042a0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:0e:2f:8f:9e:1b:8b:e5:18:d5:fe:2b:69:cf:cc:b1
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

09/03/2023, 00:00

Not After

11/03/2025, 23:59

Subject

CN=Oracle America\, Inc.,O=Oracle America\, Inc.,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

76:7a:19:9e:df:7e:2f:b2:c5:03:ba:d3:0c:55:70:a8:c6:7f:db:e3:d3:a3:99:7c:17:75:9d:16:b8:b9:e1:bd
Signer

Actual PE Digest

76:7a:19:9e:df:7e:2f:b2:c5:03:ba:d3:0c:55:70:a8:c6:7f:db:e3:d3:a3:99:7c:17:75:9d:16:b8:b9:e1:bd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegEnumValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW

gdi32

GetDeviceCaps
EnumFontFamiliesExW

user32

GetDC
ReleaseDC
GetDesktopWindow
SystemParametersInfoW
SystemParametersInfoA

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

msvcp140

?_Xlength_error@std@@YAXPBD@Z

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetSystemDirectoryW
GetWindowsDirectoryW
GetVersionExA
GetLocaleInfoW
GetSystemDefaultLangID
GetSystemDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__CxxFrameHandler3
memmove
memset
wcsrchr
wcsstr

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_invalid_parameter_noinfo_noreturn
_cexit
_initterm
_initterm_e
_seh_filter_dll

api-ms-win-crt-stdio-l1-1-0

fflush
__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-string-l1-1-0

_wcsnicmp
wcsnlen
wcsncpy_s
wcsncat_s
_wcsicmp

api-ms-win-crt-heap-l1-1-0

free
malloc
calloc
_callnewh

api-ms-win-crt-environment-l1-1-0

_wgetenv

Exports

Exports

_Java_com_sun_javafx_font_PrismFontFactory_getEUDCFontFile@8
_Java_com_sun_javafx_font_PrismFontFactory_getFontPath@8
_Java_com_sun_javafx_font_PrismFontFactory_getLCDContrastWin32@8
_Java_com_sun_javafx_font_PrismFontFactory_getSystemFontNative@8
_Java_com_sun_javafx_font_PrismFontFactory_getSystemFontSizeNative@12
_Java_com_sun_javafx_font_PrismFontFactory_getSystemLCID@8
_Java_com_sun_javafx_font_PrismFontFactory_populateFontFileNameMap@24
_Java_com_sun_javafx_font_PrismFontFactory_regReadFontLink@12
_Java_com_sun_javafx_font_directwrite_OS_AddRef@16
_Java_com_sun_javafx_font_directwrite_OS_Analyze@32
_Java_com_sun_javafx_font_directwrite_OS_AnalyzeScript@40
_Java_com_sun_javafx_font_directwrite_OS_BeginDraw@16
_Java_com_sun_javafx_font_directwrite_OS_Clear@20
_Java_com_sun_javafx_font_directwrite_OS_CoInitializeEx@12
_Java_com_sun_javafx_font_directwrite_OS_CoUninitialize@8
_Java_com_sun_javafx_font_directwrite_OS_CreateAlphaTexture@24
_Java_com_sun_javafx_font_directwrite_OS_CreateBitmap@32
_Java_com_sun_javafx_font_directwrite_OS_CreateFontFace__J@16
_Java_com_sun_javafx_font_directwrite_OS_CreateFontFace__JIJII@36
_Java_com_sun_javafx_font_directwrite_OS_CreateFontFileReference@20
_Java_com_sun_javafx_font_directwrite_OS_CreateGlyphRunAnalysis@44
_Java_com_sun_javafx_font_directwrite_OS_CreateSolidColorBrush@20
_Java_com_sun_javafx_font_directwrite_OS_CreateTextAnalyzer@16
_Java_com_sun_javafx_font_directwrite_OS_CreateTextFormat@48
_Java_com_sun_javafx_font_directwrite_OS_CreateTextLayout@44
_Java_com_sun_javafx_font_directwrite_OS_CreateWicBitmapRenderTarget@28
_Java_com_sun_javafx_font_directwrite_OS_Draw@40
_Java_com_sun_javafx_font_directwrite_OS_DrawGlyphRun@36
_Java_com_sun_javafx_font_directwrite_OS_EndDraw@16
_Java_com_sun_javafx_font_directwrite_OS_FindFamilyName@20
_Java_com_sun_javafx_font_directwrite_OS_FindLocaleName@20
_Java_com_sun_javafx_font_directwrite_OS_GetAlphaTextureBounds@20
_Java_com_sun_javafx_font_directwrite_OS_GetAnalysis@16
_Java_com_sun_javafx_font_directwrite_OS_GetDataPointer@16
_Java_com_sun_javafx_font_directwrite_OS_GetDesignGlyphMetrics@24
_Java_com_sun_javafx_font_directwrite_OS_GetFaceNames@16
_Java_com_sun_javafx_font_directwrite_OS_GetFamilyNames@16
_Java_com_sun_javafx_font_directwrite_OS_GetFirstMatchingFont@28
_Java_com_sun_javafx_font_directwrite_OS_GetFont@20
_Java_com_sun_javafx_font_directwrite_OS_GetFontCount@16
_Java_com_sun_javafx_font_directwrite_OS_GetFontFamilyCount@16
_Java_com_sun_javafx_font_directwrite_OS_GetFontFamily__J@16
_Java_com_sun_javafx_font_directwrite_OS_GetFontFamily__JI@20
_Java_com_sun_javafx_font_directwrite_OS_GetFontFromFontFace@24
_Java_com_sun_javafx_font_directwrite_OS_GetGlyphPlacements@96
_Java_com_sun_javafx_font_directwrite_OS_GetGlyphRunOutline@28
_Java_com_sun_javafx_font_directwrite_OS_GetGlyphs@96
_Java_com_sun_javafx_font_directwrite_OS_GetInformationalStrings@20
_Java_com_sun_javafx_font_directwrite_OS_GetLength@16
_Java_com_sun_javafx_font_directwrite_OS_GetSimulations@16
_Java_com_sun_javafx_font_directwrite_OS_GetStart@16
_Java_com_sun_javafx_font_directwrite_OS_GetStretch@16
_Java_com_sun_javafx_font_directwrite_OS_GetStride@16
_Java_com_sun_javafx_font_directwrite_OS_GetString@24
_Java_com_sun_javafx_font_directwrite_OS_GetStringLength@20
_Java_com_sun_javafx_font_directwrite_OS_GetStyle@16
_Java_com_sun_javafx_font_directwrite_OS_GetSystemFontCollection@20
_Java_com_sun_javafx_font_directwrite_OS_GetWeight@16
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetClusterMap@28
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetFontFace@16
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetGlyphAdvances@24
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetGlyphCount@16
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetGlyphIndices@28
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetGlyphOffsets@24
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetLength@16
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetStart@16
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererGetTotalGlyphCount@16
_Java_com_sun_javafx_font_directwrite_OS_JFXTextRendererNext@16
_Java_com_sun_javafx_font_directwrite_OS_Lock@36
_Java_com_sun_javafx_font_directwrite_OS_Next@16
_Java_com_sun_javafx_font_directwrite_OS_Release@16
_Java_com_sun_javafx_font_directwrite_OS_SetTextAntialiasMode@20
_Java_com_sun_javafx_font_directwrite_OS_SetTransform@20
_Java_com_sun_javafx_font_directwrite_OS__1D2D1CreateFactory@12
_Java_com_sun_javafx_font_directwrite_OS__1DWriteCreateFactory@12
_Java_com_sun_javafx_font_directwrite_OS__1NewJFXTextAnalysisSink@36
_Java_com_sun_javafx_font_directwrite_OS__1NewJFXTextRenderer@8
_Java_com_sun_javafx_font_directwrite_OS__1WICCreateImagingFactory@8

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cf241520b80d0905507b2342ad042a0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:0e:2f:8f:9e:1b:8b:e5:18:d5:fe:2b:69:cf:cc:b1Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

76:7a:19:9e:df:7e:2f:b2:c5:03:ba:d3:0c:55:70:a8:c6:7f:db:e3:d3:a3:99:7c:17:75:9d:16:b8:b9:e1:bdSigner

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

user32

ole32

msvcp140

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-environment-l1-1-0

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 936B

.reloc Size: 2KB - Virtual size: 2KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:0e:2f:8f:9e:1b:8b:e5:18:d5:fe:2b:69:cf:cc:b1
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

76:7a:19:9e:df:7e:2f:b2:c5:03:ba:d3:0c:55:70:a8:c6:7f:db:e3:d3:a3:99:7c:17:75:9d:16:b8:b9:e1:bd
Signer

.text
Size: 29KB - Virtual size: 28KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 936B

.reloc
Size: 2KB - Virtual size: 2KB