05dc698e49fce4efae5872eb54f19767[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

05dc698e49fce4efae5872eb54f19767.exe
Size

5.6MB
MD5

05dc698e49fce4efae5872eb54f19767
SHA1

29cfcfbbb21aefabe7c57a057dcf0335cb4a0ac0
SHA256

86a95ebe542d3aed78191cf9bb40d86b7986b338e50941bf7db1ed5008a4e027
SHA512

85ea0fee917ae5de9c6065ef9a85d3f5cec1c84a31230d81db115006a2d9bb20ba771702b590d4973b75d935d48eee049a7ba35b676796b4a04c3b369e881dc7
SSDEEP

98304:egctTMC3AKW4rNhjVl24OV7cYnBs3vOyCcy42ti0twuXi0doDvXBhG9zHZ:egctTM4AKW4JhjHTOV4YnBs32y042k+v

Score

1^/10

Malware Config

Signatures

Files

05dc698e49fce4efae5872eb54f19767.exe
.exe windows:5 windows x86 arch:x86

6759995fda4d4e04dbf703eef9d542ab

Code Sign

5a:b8:89:1e:9a:0a:79:96:49:40:81:ed:71:f4:71:ee
Certificate

Issuer

CN=Lenovo HelpCentr

Not Before

23-12-2024 14:54

Not After

24-12-2034 14:54

Subject

CN=Lenovo HelpCentr

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

Issuer

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Not Before

15-01-2024 00:00

Not After

14-04-2035 23:59

Subject

CN=Sectigo Public Time Stamping Signer R35,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

Issuer

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

22-03-2021 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:2c:37:cc:8d:de:5c:33:33:1d:63:aa:2f:a1:c6:12:d2:15:8d:cf:3c:15:b8:02:8f:d5:5a:8e:32:8b:06:dc
Signer

Actual PE Digest

39:2c:37:cc:8d:de:5c:33:33:1d:63:aa:2f:a1:c6:12:d2:15:8d:cf:3c:15:b8:02:8f:d5:5a:8e:32:8b:06:dc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

rand

kernel32

InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

Sections

.text
Size: - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp⡯�
Size: - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp⡯�
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp⡯�
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 966KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6759995fda4d4e04dbf703eef9d542ab

Code Sign

5a:b8:89:1e:9a:0a:79:96:49:40:81:ed:71:f4:71:eeCertificate

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89Certificate

Extended Key Usages

Key Usages

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3fCertificate

Extended Key Usages

Key Usages

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68Certificate

Extended Key Usages

Key Usages

39:2c:37:cc:8d:de:5c:33:33:1d:63:aa:2f:a1:c6:12:d2:15:8d:cf:3c:15:b8:02:8f:d5:5a:8e:32:8b:06:dcSigner

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: - Virtual size: 165KB

.rdata Size: - Virtual size: 46KB

.data Size: - Virtual size: 2.1MB

.vmp⡯� Size: - Virtual size: 2.5MB

.vmp⡯� Size: 1KB - Virtual size: 1KB

.vmp⡯� Size: 4.6MB - Virtual size: 4.6MB

.reloc Size: 7KB - Virtual size: 6KB

.rsrc Size: 966KB - Virtual size: 1.1MB

5a:b8:89:1e:9a:0a:79:96:49:40:81:ed:71:f4:71:ee
Certificate

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

39:2c:37:cc:8d:de:5c:33:33:1d:63:aa:2f:a1:c6:12:d2:15:8d:cf:3c:15:b8:02:8f:d5:5a:8e:32:8b:06:dc
Signer

.text
Size: - Virtual size: 165KB

.rdata
Size: - Virtual size: 46KB

.data
Size: - Virtual size: 2.1MB

.vmp⡯�
Size: - Virtual size: 2.5MB

.vmp⡯�
Size: 1KB - Virtual size: 1KB

.vmp⡯�
Size: 4.6MB - Virtual size: 4.6MB

.reloc
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 966KB - Virtual size: 1.1MB