ba85a8b17d6f55a3b5bd74d3d3a98570N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ba85a8b17d6f55a3b5bd74d3d3a98570N.exe
Size

9.4MB
MD5

ba85a8b17d6f55a3b5bd74d3d3a98570
SHA1

8359e9619103e4f80e08158749093315d2dd579b
SHA256

cef4875b93d64c4faf1308e416504696f64263dc9f790f5736d5a1273977082a
SHA512

70275e0b398d9877820e3b1a7344e8c7a627018c2e031944d9c72eb5a177e57a082e1b852bac29eba76c34375e1c1b975fe420548ea5f79091e08ce591928f93
SSDEEP

196608:6s5nTuypxBRJxo85pTdvbN0Xx06IVT4B8iXt3b8r0xnaMw1oMyj73:6s5nCqBz5/x0BXIOr8rye3GT

Score

1^/10

Malware Config

Signatures

Files

ba85a8b17d6f55a3b5bd74d3d3a98570N.exe
.exe windows:4 windows x86 arch:x86

cc000e0a56358759c95f653af1246259

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:86:04:2c:e3:96:2b:e7:6a:63:df:f9:e1:40:77:6d
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02/05/2023, 00:00

Not After

01/10/2024, 23:59

Subject

CN=SEIKO EPSON CORPORATION,O=SEIKO EPSON CORPORATION,L=Suwa-Shi,ST=Nagano,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

67:c2:0f:01:74:0b:00:c0:ad:fc:ec:02:f1:27:c3:35:35:cb:fa:e6
Signer

Actual PE Digest

67:c2:0f:01:74:0b:00:c0:ad:fc:ec:02:f1:27:c3:35:35:cb:fa:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileAttributesA
RemoveDirectoryA
SetEndOfFile
SetFilePointer
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetWindowsDirectoryA
MoveFileExA
GlobalFree
GlobalUnlock
GlobalHandle
_lclose
_llseek
_lread
_lopen
GlobalLock
GlobalAlloc
GlobalMemoryStatus
GetVersion
GetModuleFileNameA
WriteFile
GetSystemTime
CreateProcessA
LocalFree
ExitProcess
FormatMessageA
DeleteFileA
GetModuleHandleA
GetVolumeInformationA
FindNextFileA
GetTickCount
WideCharToMultiByte
WaitForSingleObject
GetLongPathNameA
GetTempPathA
GetCommandLineA
CopyFileA
GetFileAttributesA
LoadLibraryExA
GetSystemDirectoryA
SetErrorMode
MultiByteToWideChar
GetLocalTime
lstrlenA
CreateFileW
ReadFile
GetEnvironmentVariableA
GetDriveTypeA
LocalAlloc
DosDateTimeToFileTime
LocalFileTimeToFileTime
GetVersionExA
SetFileTime
CreateDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FindClose
GetLastError
GetProcAddress
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
HeapReAlloc
GetProcessHeap
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
Sleep
HeapSize
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
VirtualAlloc
HeapDestroy
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
InitializeCriticalSection
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers

gdi32

CreateDCA
SetBkColor
SetTextColor
SetTextAlign
GetBkColor
GetTextExtentPoint32A
ExtTextOutA
GetDeviceCaps
CreateFontIndirectA
DeleteDC
SelectObject
DeleteObject

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_winzip_
Size: 9.2MB - Virtual size: 9.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc000e0a56358759c95f653af1246259

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:86:04:2c:e3:96:2b:e7:6a:63:df:f9:e1:40:77:6dCertificate

Extended Key Usages

Key Usages

67:c2:0f:01:74:0b:00:c0:ad:fc:ec:02:f1:27:c3:35:35:cb:fa:e6Signer

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 58KB

.rsrc Size: 40KB - Virtual size: 38KB

_winzip_ Size: 9.2MB - Virtual size: 9.2MB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:86:04:2c:e3:96:2b:e7:6a:63:df:f9:e1:40:77:6d
Certificate

67:c2:0f:01:74:0b:00:c0:ad:fc:ec:02:f1:27:c3:35:35:cb:fa:e6
Signer

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 58KB

.rsrc
Size: 40KB - Virtual size: 38KB

_winzip_
Size: 9.2MB - Virtual size: 9.2MB