7a1c5b88f8ac5869e4316a6ee3d43ef0[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

7a1c5b88f8ac5869e4316a6ee3d43ef0.exe
Size

5.5MB
MD5

7a1c5b88f8ac5869e4316a6ee3d43ef0
SHA1

a685641eb078fe6749e8613791dc4bbd6cd3ae75
SHA256

f2ec88ec0b02c5c1dd3dcbb26cae45d73a228fc9fa30c48894c352e1b3a2a417
SHA512

28a9d975e445fe333642dfa0bb318aa877c817b9f26cdaf55a205a82ecd44db98a607b86447332c7217c75fb1337606b159444a1144c5f7f309e242296adb5d7
SSDEEP

98304:FzNnWb6RA70SkwVKHFluzQuB3qvppsJC/NiGSqR6jl0ARelQ/3fiYKWpXfhEvK5E:PWurFloQy3ypprF/e0Hly3gWdpEvE3+/

Score

1^/10

Malware Config

Signatures

Files

7a1c5b88f8ac5869e4316a6ee3d43ef0.exe
.exe windows:5 windows x86 arch:x86

6759995fda4d4e04dbf703eef9d542ab

Code Sign

66:4f:b5:cf:89:09:a1:b9:40:e8:3a:4c:77:11:0e:2d
Certificate

Issuer

CN=Lenovo PRO Korea

Not Before

19-12-2024 16:57

Not After

20-12-2034 16:57

Subject

CN=Lenovo PRO Korea

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

Issuer

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Not Before

15-01-2024 00:00

Not After

14-04-2035 23:59

Subject

CN=Sectigo Public Time Stamping Signer R35,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

Issuer

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

22-03-2021 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ee:ea:bc:ed:89:ec:3d:86:db:da:5d:1f:28:51:75:b2:2c:ad:07:d0:4c:72:e5:2d:59:73:5e:41:8a:a0:aa:b8
Signer

Actual PE Digest

ee:ea:bc:ed:89:ec:3d:86:db:da:5d:1f:28:51:75:b2:2c:ad:07:d0:4c:72:e5:2d:59:73:5e:41:8a:a0:aa:b8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

rand

kernel32

InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

Sections

.text
Size: - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmpˀ��
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmpˀ��
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmpˀ��
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 934KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6759995fda4d4e04dbf703eef9d542ab

Code Sign

66:4f:b5:cf:89:09:a1:b9:40:e8:3a:4c:77:11:0e:2dCertificate

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89Certificate

Extended Key Usages

Key Usages

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3fCertificate

Extended Key Usages

Key Usages

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68Certificate

Extended Key Usages

Key Usages

ee:ea:bc:ed:89:ec:3d:86:db:da:5d:1f:28:51:75:b2:2c:ad:07:d0:4c:72:e5:2d:59:73:5e:41:8a:a0:aa:b8Signer

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: - Virtual size: 165KB

.rdata Size: - Virtual size: 46KB

.data Size: - Virtual size: 2.1MB

.vmpˀ�� Size: - Virtual size: 2.5MB

.vmpˀ�� Size: 1KB - Virtual size: 1KB

.vmpˀ�� Size: 4.6MB - Virtual size: 4.6MB

.reloc Size: 7KB - Virtual size: 6KB

.rsrc Size: 934KB - Virtual size: 1.0MB

66:4f:b5:cf:89:09:a1:b9:40:e8:3a:4c:77:11:0e:2d
Certificate

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

ee:ea:bc:ed:89:ec:3d:86:db:da:5d:1f:28:51:75:b2:2c:ad:07:d0:4c:72:e5:2d:59:73:5e:41:8a:a0:aa:b8
Signer

.text
Size: - Virtual size: 165KB

.rdata
Size: - Virtual size: 46KB

.data
Size: - Virtual size: 2.1MB

.vmpˀ��
Size: - Virtual size: 2.5MB

.vmpˀ��
Size: 1KB - Virtual size: 1KB

.vmpˀ��
Size: 4.6MB - Virtual size: 4.6MB

.reloc
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 934KB - Virtual size: 1.0MB