24022025_1639_24022025_Ems_inquiry_catalogues[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

24022025_1639_24022025_Ems_inquiry_catalogues.7z
Size

1.3MB
MD5

4abbb59f2a25ee906b104e7fadb8d915
SHA1

cd9ba032cbdd7a5251e51f0febbfcb68d8e83a1d
SHA256

e744231336744aa7cb7abcb25fd532ca299a9ca9f1f6d62a4c331d398739f84c
SHA512

510b49e705502c07805fb8696e6c0702e441a060061095f2b087efe2a7879e9e51bc8a425b6007cb03c7629cee87c3dc7deaef73079966c50e03ed2272a60470
SSDEEP

24576:dehlfmznd8Olkjh7pMLoFc3e/PIvHsj1ziinBBGgad8N04zXihts0B:AbfgndrWjhpMKmaKHM1zjXGgxN3zSv

Score

1^/10

Malware Config

Signatures

Files

24022025_1639_24022025_Ems_inquiry_catalogues.7z
.zip

Password: infected
Ems_inquiry_catalogues.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7a:e2:b5:02:13:71:f0:92:a9:04:b6:fa
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

29/07/2022, 07:15

Not After

29/07/2025, 07:15

Subject

SERIALNUMBER=94349,CN=Telegram FZ-LLC,O=Telegram FZ-LLC,L=Dubai,ST=Dubai,C=AE,1.2.840.113549.1.9.1=#0c11696e666f4074656c656772616d2e6f7267,1.3.6.1.4.1.311.60.2.1.2=#13054475626169,1.3.6.1.4.1.311.60.2.1.3=#13024145,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

Issuer

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Not Before

15/01/2024, 00:00

Not After

14/04/2035, 23:59

Subject

CN=Sectigo Public Time Stamping Signer R35,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

Issuer

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

22/03/2021, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

86:1b:fa:43:be:26:15:ea:cb:56:e7:0a:cb:da:bf:de:54:69:41:e6:57:bd:d9:3b:5c:27:f9:c2:7c:78:3c:9d
Signer

Actual PE Digest

86:1b:fa:43:be:26:15:ea:cb:56:e7:0a:cb:da:bf:de:54:69:41:e6:57:bd:d9:3b:5c:27:f9:c2:7c:78:3c:9d

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

7a:e2:b5:02:13:71:f0:92:a9:04:b6:faCertificate

Extended Key Usages

Key Usages

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89Certificate

Extended Key Usages

Key Usages

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3fCertificate

Extended Key Usages

Key Usages

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68Certificate

Extended Key Usages

Key Usages

86:1b:fa:43:be:26:15:ea:cb:56:e7:0a:cb:da:bf:de:54:69:41:e6:57:bd:d9:3b:5c:27:f9:c2:7c:78:3c:9dSigner

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 512B - Virtual size: 12B

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

7a:e2:b5:02:13:71:f0:92:a9:04:b6:fa
Certificate

3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89
Certificate

7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f
Certificate

36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68
Certificate

86:1b:fa:43:be:26:15:ea:cb:56:e7:0a:cb:da:bf:de:54:69:41:e6:57:bd:d9:3b:5c:27:f9:c2:7c:78:3c:9d
Signer

.text
Size: 1.7MB - Virtual size: 1.7MB

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 512B - Virtual size: 12B