76e087e12234718cfb6f5387511175ceb4b8295c9d8115feb9fca1dfe63f00d0N[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

76e087e12234718cfb6f5387511175ceb4b8295c9d8115feb9fca1dfe63f00d0N.exe
Size

238KB
MD5

e6ef46c4c29781b0a24d14b1b4163910
SHA1

aaa4557dcabcf96bb1ad39f9e1c5fe522ee3786a
SHA256

76e087e12234718cfb6f5387511175ceb4b8295c9d8115feb9fca1dfe63f00d0
SHA512

63a72c76f4e1b239abd177e0804ca66957a73e4f1d8107a5dfab9f497939f4267d2c8be499b1cddd790fa15be22e280fa06959a81ea148fb4a98a6e2a83f03d8
SSDEEP

6144:6UgAapGj7G81VIYVnApBBV+UdvrEFp7hKSpq:6Ug1aQBBjvrEH75q

Score

1^/10

Malware Config

Signatures

Files

76e087e12234718cfb6f5387511175ceb4b8295c9d8115feb9fca1dfe63f00d0N.exe
.exe windows:4 windows x86 arch:x86

e8e7c5945c5a59c7d7d16577e1cb0598

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

28-07-2022 00:00

Not After

06-08-2025 23:59

Subject

CN=Tonec Inc.,O=Tonec Inc.,L=New York,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e3:2c:57:17:70:28:23:13:0e:b2:b9:6a:10:f0:ff:b2:e8:28:d6:90:10:1f:74:f8:fa:7c:3d:f0:71:57:46:67
Signer

Actual PE Digest

e3:2c:57:17:70:28:23:13:0e:b2:b9:6a:10:f0:ff:b2:e8:28:d6:90:10:1f:74:f8:fa:7c:3d:f0:71:57:46:67

Digest Algorithm

sha256

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

shlwapi

SHDeleteKeyW

kernel32

CopyFileW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
ExitThread
DeleteFileW
ExitProcess
lstrcpyW
lstrcmpW
UnmapViewOfFile
MultiByteToWideChar
GetSystemTime
CreateEventW
MapViewOfFile
SetFileTime
GetFileTime
CreateFileMappingW
GetFileSize
MoveFileExW
TerminateProcess
OpenProcess
CreateDirectoryW
RemoveDirectoryW
FindClose
CreateProcessW
FindFirstFileW
SetEndOfFile
SetFilePointer
GetShortPathNameW
WriteFile
LocalFree
FormatMessageW
GetUserDefaultLangID
GetSystemDefaultLangID
SetCurrentDirectoryW
LocalAlloc
GetExitCodeThread
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceW
MulDiv
CreateThread
HeapAlloc
HeapFree
GetProcessHeap
GetDiskFreeSpaceW
ResumeThread
SuspendThread
WideCharToMultiByte
CompareFileTime
GetExitCodeProcess
GetLastError
CreateFileW
GetModuleFileNameW
GetModuleHandleW
GetCurrentProcess
GetVersionExW
lstrlenW
GetWindowsDirectoryW
Sleep
GetSystemDirectoryW
CreateMutexW
OpenMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
lstrcmpiW
LoadLibraryW
GetProcAddress
FreeLibrary
GetFileAttributesW
lstrcatW
FindNextFileW
GetStartupInfoW

user32

EnumWindows
MessageBoxW
wsprintfW
GetForegroundWindow
SendMessageW
SetDlgItemTextW
SendDlgItemMessageW
wsprintfA
EnableWindow
GetDlgItem
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
PostQuitMessage
GetKeyboardLayoutList
SetForegroundWindow
SetWindowPos
DestroyWindow
GetDlgCtrlID
GetFocus
DialogBoxParamW
GetDesktopWindow
GetWindow
ExitWindowsEx
GetDC
ReleaseDC
CreateWindowExW
CallWindowProcW
GetParent
SetFocus
IsIconic
BeginPaint
GetSystemMetrics
DrawIcon
GetWindowRect
ScreenToClient
EndPaint
CharUpperW
FindWindowW
SetWindowTextW
GetWindowThreadProcessId
GetWindowTextW
GetClientRect
GetWindowLongW
SetWindowLongW
PostMessageW
GetWindowDC
CreateDialogParamW
LoadIconW
ShowWindow
GetMessageW
IsDialogMessageW

gdi32

LPtoDP
GetDeviceCaps
DPtoLP
SetMapMode
GetMapMode
TranslateCharsetInfo

advapi32

RegQueryInfoKeyW
AllocateAndInitializeSid
RegSetValueExA
FreeSid
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
RegEnumKeyExW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW

shell32

SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW
ShellExecuteW

ole32

CreateStreamOnHGlobal
CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree

oleaut32

OleLoadPicture
LoadTypeLibEx

msvcrt

_controlfp
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_wcsnicmp
strcpy
strrchr
atoi
strcmp
_snwprintf
_wfopen
fgets
sscanf
fclose
_CxxThrowException
_itow
strstr
strchr
memmove
wcschr
wcsncpy
_ftime
_ftol
memcpy
_stricmp
strncpy
_wcsupr
wcscmp
time
_wsplitpath
strlen
wcsncmp
free
malloc
memcmp
??2@YAPAXI@Z
wcsstr
memset
wcsrchr
wcslen
wcscat
wcscpy
??3@YAXPAX@Z
__CxxFrameHandler
__p__commode
__p__fmode
__set_app_type
_adjust_fdiv

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8e7c5945c5a59c7d7d16577e1cb0598

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

e3:2c:57:17:70:28:23:13:0e:b2:b9:6a:10:f0:ff:b2:e8:28:d6:90:10:1f:74:f8:fa:7c:3d:f0:71:57:46:67Signer

Headers

File Characteristics

Imports

comctl32

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msvcrt

Sections

.text Size: 65KB - Virtual size: 65KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 29KB - Virtual size: 36KB

.rsrc Size: 47KB - Virtual size: 47KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:59:29:2a:8c:f6:59:10:78:c9:29:d5:ba:55:a7:f6
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

e3:2c:57:17:70:28:23:13:0e:b2:b9:6a:10:f0:ff:b2:e8:28:d6:90:10:1f:74:f8:fa:7c:3d:f0:71:57:46:67
Signer

.text
Size: 65KB - Virtual size: 65KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 29KB - Virtual size: 36KB

.rsrc
Size: 47KB - Virtual size: 47KB