123eddcdbc1adac34e29eaa20f25b55b431c591fbb7dd851099944bbff90d78fN

Sharing

Copy URL

Twitter E-mail

General

Target

123eddcdbc1adac34e29eaa20f25b55b431c591fbb7dd851099944bbff90d78fN
Size

3.9MB
MD5

ed04a4c94561886d04d72da5507c04f0
SHA1

c083519190cebc9c8fda60689c19d824bd001bba
SHA256

123eddcdbc1adac34e29eaa20f25b55b431c591fbb7dd851099944bbff90d78f
SHA512

017e6348fd519436d4dc1d8c61f318c297b29e77461f374a11641561cc76204fe310cd57ba710825c6311f7f88eed464271b29272391e897a5f0e60abd7eed83
SSDEEP

98304:gkafiym0pTBIOVj8IbiQO9E8LjJhF8w4rlVVs/nd:gkafipSpfb5E5

Score

1^/10

Malware Config

Signatures

Files

123eddcdbc1adac34e29eaa20f25b55b431c591fbb7dd851099944bbff90d78fN
.exe windows:6 windows x86 arch:x86

e1434ffd59ab4636a69be302f22f58de

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:34:c0:22:c3:98:4a:03:25:bd:ac:4f:ea:e2:63:10
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/07/2022, 00:00

Not After

30/07/2025, 23:59

Subject

SERIALNUMBER=C27039-2001,CN=TeraByte\, Inc.,O=TeraByte\, Inc.,L=Las Vegas,ST=Nevada,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064e6576616461,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8e:4f:a6:d1:4b:a0:d4:da:e3:08:4b:65:2e:1a:f1:b0:e8:c5:e8:b9:81:e1:bb:73:45:f0:01:19:6d:d7:5e:4c
Signer

Actual PE Digest

8e:4f:a6:d1:4b:a0:d4:da:e3:08:4b:65:2e:1a:f1:b0:e8:c5:e8:b9:81:e1:bb:73:45:f0:01:19:6d:d7:5e:4c

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

V:\image2\win32\en_gui\ReleaseUnicode\imagew.pdb

Imports

mpr

WNetCloseEnum

comctl32

ImageList_GetIcon
ImageList_Destroy
ImageList_ReplaceIcon
ImageList_Draw
InitCommonControlsEx
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Create
ImageList_LoadImageW

ws2_32

__WSAFDIsSet
getservbyname
getservbyport
gethostbyaddr
ntohs
listen
inet_ntoa
getsockopt
ioctlsocket
accept
getsockname
setsockopt
sendto
recvfrom
htonl
closesocket
connect
htons
inet_addr
recv
bind
select
send
shutdown
socket
WSAStringToAddressW
WSASetLastError
WSAGetLastError
WSACleanup
WSAStartup
gethostbyname

kernel32

LocalFree
GetTickCount
FileTimeToLocalFileTime
FindClose
GetLogicalDrives
FileTimeToSystemTime
ReadFile
WriteFile
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
HeapFree
GetProcessHeap
ReleaseMutex
GetExitCodeProcess
GetCurrentThreadId
GetPriorityClass
GetLocalTime
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
ResetEvent
GetSystemTime
FlushFileBuffers
SetEndOfFile
GlobalAlloc
GlobalUnlock
GlobalLock
GlobalFree
LoadLibraryA
VirtualUnlock
MultiByteToWideChar
WideCharToMultiByte
QueryDosDeviceW
GetOverlappedResult
lstrlenW
CreateFileA
GetDiskFreeSpaceW
GetVolumeInformationW
InitializeCriticalSection
DeleteCriticalSection
GetFileSize
LocalAlloc
LocalLock
LocalUnlock
GetFullPathNameW
SetHandleInformation
CreatePipe
RemoveDirectoryW
CreateDirectoryW
MoveFileW
SetFileAttributesW
GlobalMemoryStatus
VirtualLock
GetConsoleMode
GetConsoleOutputCP
GetStdHandle
ExitProcess
FindFirstFileExW
GetFileType
FreeLibraryAndExitThread
ResumeThread
ExitThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RaiseException
RtlUnwind
CreateThread
GetSystemDirectoryA
GetSystemTimeAsFileTime
IsDebuggerPresent
WaitForSingleObjectEx
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetProcessWorkingSetSize
GetProcessWorkingSetSize
GetCurrentThread
GetCurrentProcess
UnmapViewOfFile
MapViewOfFile
OpenProcess
WaitForMultipleObjects
ReleaseSemaphore
WaitForSingleObject
SetEvent
Sleep
DeviceIoControl
FreeLibrary
GetCurrentProcessId
SetErrorMode
CloseHandle
VirtualQuery
VirtualFree
VirtualAlloc
SetLastError
GetLastError
SetFilePointer
IsValidLocale
GetUserDefaultLCID
HeapReAlloc
SetStdHandle
GetTimeZoneInformation
GetACP
GetOEMCP
HeapSize
MulDiv
GetCommandLineA
GetCommandLineW
GetFileSizeEx
GetModuleHandleA

user32

OemToCharW
WinHelpW
GetDesktopWindow
DrawIcon
EnableMenuItem
GetSystemMenu
GetDialogBaseUnits
CheckDlgButton
DialogBoxIndirectParamW
GetSystemMetrics
UpdateWindow
SendNotifyMessageW
SetMenuItemInfoW
AppendMenuW
TrackPopupMenu
DrawIconEx
IsRectEmpty
InflateRect
GetSysColorBrush
ScreenToClient
GetCursorPos
MessageBeep
GetWindowRect
GetScrollRange
GetScrollPos
GetMenuItemCount
KillTimer
SetTimer
GetAsyncKeyState
GetKeyState
GetActiveWindow
SetFocus
GetDlgCtrlID
GetDlgItemInt
GetMenuItemInfoW
CreatePopupMenu
DestroyMenu
DrawFrameControl
GetDlgItem
GetDC
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
SetDlgItemInt
EndDialog
IsIconic
IsWindowVisible
SetWindowPos
IsChild
IsWindow
WaitMessage
ExitWindowsEx
IsWindowEnabled
GetClientRect
GetSysColor
SetForegroundWindow
DrawFocusRect
FillRect
PtInRect
GetParent
GetComboBoxInfo
ShowWindow
OffsetRect
DestroyIcon
CopyImage
CreateIconIndirect
GetIconInfo
TranslateMessage
PostQuitMessage
DestroyWindow
GetFocus
SetCursor

gdi32

Rectangle
DeleteObject
CreateSolidBrush
Polygon
CreateCompatibleBitmap
CreateDIBSection
CreateDCW
BitBlt
LineTo
SelectObject
GetStockObject
GetDeviceCaps
DeleteDC
CreateHatchBrush
CreateCompatibleDC
MoveToEx
SetTextColor
SetBkMode
SetBkColor
CreatePen
StretchBlt

advapi32

OpenProcessToken
StartServiceW
QueryServiceStatus
OpenServiceW
DeleteService
CreateServiceW
ControlService
ReportEventW
RegisterEventSourceW
DeregisterEventSource
OpenSCManagerW
EnumServicesStatusW
CloseServiceHandle
LogonUserW
CryptGenRandom
CryptReleaseContext
LookupAccountSidW
GetTokenInformation
OpenThreadToken
RegCloseKey
LookupPrivilegeValueW
AdjustTokenPrivileges

shell32

DragFinish
DragAcceptFiles

ole32

CoTaskMemFree
CLSIDFromString
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoCreateInstance

oleaut32

VariantInit
VariantClear
SysFreeString
VariantCopy
VariantChangeType
SysAllocString
VariantTimeToSystemTime

ntdll

RtlNtStatusToDosError

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 340KB - Virtual size: 339KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1434ffd59ab4636a69be302f22f58de

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

07:34:c0:22:c3:98:4a:03:25:bd:ac:4f:ea:e2:63:10Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

8e:4f:a6:d1:4b:a0:d4:da:e3:08:4b:65:2e:1a:f1:b0:e8:c5:e8:b9:81:e1:bb:73:45:f0:01:19:6d:d7:5e:4cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mpr

comctl32

ws2_32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ntdll

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 340KB - Virtual size: 339KB

.data Size: 20KB - Virtual size: 73KB

.rsrc Size: 1.5MB - Virtual size: 1.5MB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:34:c0:22:c3:98:4a:03:25:bd:ac:4f:ea:e2:63:10
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

8e:4f:a6:d1:4b:a0:d4:da:e3:08:4b:65:2e:1a:f1:b0:e8:c5:e8:b9:81:e1:bb:73:45:f0:01:19:6d:d7:5e:4c
Signer

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 340KB - Virtual size: 339KB

.data
Size: 20KB - Virtual size: 73KB

.rsrc
Size: 1.5MB - Virtual size: 1.5MB