e269604798fe0589db0bfbeea39e47a94ce30796aba90422814c4556516af79d

Sharing

Copy URL

Twitter E-mail

General

Target

e269604798fe0589db0bfbeea39e47a94ce30796aba90422814c4556516af79d
Size

61KB
MD5

b369c2f9c2bd1823fae6b76fe7bcee68
SHA1

2f212404687b603f0e89e800376fd2dea4750589
SHA256

e269604798fe0589db0bfbeea39e47a94ce30796aba90422814c4556516af79d
SHA512

18f13ef243258cf3824141a3fb60e0860dce143c3a198d0974090bddca1a3f97ae199a718d8a16256928c0f269f41c97d0753ed813324186608d7410150e04c0
SSDEEP

768:p9jO2Nosxpg0s+1BNc/wTF8gPD8gRlLtc8MTzZ+8XENAMxDX:LOJ0s+1Lc/wh8gPDFlLm8MHGxz

Score

1^/10

Malware Config

Signatures

Files

e269604798fe0589db0bfbeea39e47a94ce30796aba90422814c4556516af79d
.exe windows:4 windows x64 arch:x64

e56d831912a5b1dce3283a45aa5d83cb

Code Sign

6e:9d:03:62:6f:6c:83:be:45:cb:94:9f:11:4f:b5:9c
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

26-03-2024 14:35

Not After

31-12-2039 23:59

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

69:62:64:27:3f:33:bd:ba:6e:4c:2d:72:3b:24:2e:74:94:42:bf:a3:ad:9e:b5:4b:59:00:1e:59:29:05:fb:3b
Signer

Actual PE Digest

69:62:64:27:3f:33:bd:ba:6e:4c:2d:72:3b:24:2e:74:94:42:bf:a3:ad:9e:b5:4b:59:00:1e:59:29:05:fb:3b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CloseHandle
CreateThread
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__C_specific_handler
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strlen
strncmp
vfprintf

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 1024B - Virtual size: 547B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e56d831912a5b1dce3283a45aa5d83cb

Code Sign

6e:9d:03:62:6f:6c:83:be:45:cb:94:9f:11:4f:b5:9cCertificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

69:62:64:27:3f:33:bd:ba:6e:4c:2d:72:3b:24:2e:74:94:42:bf:a3:ad:9e:b5:4b:59:00:1e:59:29:05:fb:3bSigner

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 208B

.rdata Size: 2KB - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 624B

.xdata Size: 512B - Virtual size: 500B

.bss Size: - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

/4 Size: 512B - Virtual size: 80B

/19 Size: 8KB - Virtual size: 7KB

/31 Size: 512B - Virtual size: 329B

/45 Size: 1024B - Virtual size: 547B

/57 Size: 512B - Virtual size: 72B

/70 Size: 512B - Virtual size: 156B

6e:9d:03:62:6f:6c:83:be:45:cb:94:9f:11:4f:b5:9c
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

69:62:64:27:3f:33:bd:ba:6e:4c:2d:72:3b:24:2e:74:94:42:bf:a3:ad:9e:b5:4b:59:00:1e:59:29:05:fb:3b
Signer

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 208B

.rdata
Size: 2KB - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 624B

.xdata
Size: 512B - Virtual size: 500B

.bss
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

/4
Size: 512B - Virtual size: 80B

/19
Size: 8KB - Virtual size: 7KB

/31
Size: 512B - Virtual size: 329B

/45
Size: 1024B - Virtual size: 547B

/57
Size: 512B - Virtual size: 72B

/70
Size: 512B - Virtual size: 156B