certsign[.]exe

General

Target

certsign.exe
Size

425KB
MD5

01bb34b523e1abd6a15d8c2ce5d70142
SHA1

a92ec472f420ac88ca816372afb7fd1460421571
SHA256

ad5e7983a9f8fb8738f4a70474981d06710da273d59b0d01046d177ed29971fe
SHA512

f48b37457baccb788afb9f166427538f35df19f1bf9dec0007f1b5755d0d278fddae48c227235cc7c40b64c21a66e2bda57f4dba0940027f5a2ace6232a9df49
SSDEEP

6144:AnH3H6unObmMsV03hf1jZ3XrD+7kuPtD+XZjWYCsmis9zjVLNRNvI:KHX6qObY03DjZLDWXYCsmNh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
certsign.exe

Files

certsign.exe
.exe windows:4 windows x86 arch:x86

a59a62eb83c3f5ad9a781ee0a2ef3a60

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsA
EnterCriticalSection
LeaveCriticalSection
ExitProcess
TerminateProcess
GetCurrentProcess
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetLastError
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
HeapReAlloc
CloseHandle
SetFilePointer
GetFileType
CreateFileA
ReadFile
WriteFile
GetCurrentProcessId
UnhandledExceptionFilter
GetModuleFileNameA
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
LCMapStringA
LCMapStringW
SetStdHandle
SetEndOfFile
GetStringTypeA
GetStringTypeW
GetProcAddress
LoadLibraryA
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 85KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a59a62eb83c3f5ad9a781ee0a2ef3a60

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 325KB - Virtual size: 324KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 85KB - Virtual size: 91KB

.text
Size: 325KB - Virtual size: 324KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 85KB - Virtual size: 91KB