2ec5256a7edb90b1c05c92f79e8a48c205b29e1ac910a535aa83c30b8dbbeff8

Sharing

Copy URL

Twitter E-mail

General

Target

2ec5256a7edb90b1c05c92f79e8a48c205b29e1ac910a535aa83c30b8dbbeff8
Size

134KB
MD5

a5c70086b3bc4fe64f4e7a0aa452e620
SHA1

2ab44cf5338ef5ed118365b4e8452b906c0dab4b
SHA256

2ec5256a7edb90b1c05c92f79e8a48c205b29e1ac910a535aa83c30b8dbbeff8
SHA512

0280164c258afb169b59863c65266626ff1b2cc5a736702a49c2229dfd4d9f5213f6346cd4ec5316a19d5b0b55102c393ce255b999b061c04cc8574495e8e7e7
SSDEEP

3072:oZkmuVEvfzS9ljrZU/bH0ffOkObkPnSh6/5b:OkmQIW9ljrqbH0cwhb

Score

1^/10

Malware Config

Signatures

Files

2ec5256a7edb90b1c05c92f79e8a48c205b29e1ac910a535aa83c30b8dbbeff8
.exe windows:5 windows x86 arch:x86

2ce62b0c0226079a88a01c701dbee7b9

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:b7:4c:70:c4:aa:09:26:48:b7:f0:d1:a8:a3:a2:8f
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

21/10/2020, 00:00

Not After

17/10/2021, 23:59

Subject

SERIALNUMBER=8455830000,CN=Rad-Grad D.O.O.,O=Rad-Grad D.O.O.,L=CELJE,C=SI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025349

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:02:32:59:51:de:72:b9:97:bf:3c:85:35:d3:ad:12:29:08:b0:9a
Signer

Actual PE Digest

ff:02:32:59:51:de:72:b9:97:bf:3c:85:35:d3:ad:12:29:08:b0:9a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
GetCurrentThread
SetLastError
Sleep
CloseHandle
LoadLibraryA
WinExec
GetProcAddress
CreateFileW
DecodePointer
WriteConsoleW
SetFilePointerEx
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
RtlUnwind
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
GetACP
HeapFree
HeapAlloc
GetStringTypeW
LCMapStringW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
RaiseException

advapi32

CloseServiceHandle

ws2_32

htons
htonl
bind
inet_addr

Sections

.text
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ce62b0c0226079a88a01c701dbee7b9

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

07:b7:4c:70:c4:aa:09:26:48:b7:f0:d1:a8:a3:a2:8fCertificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

ff:02:32:59:51:de:72:b9:97:bf:3c:85:35:d3:ad:12:29:08:b0:9aSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ws2_32

Sections

.text Size: 83KB - Virtual size: 82KB

.rdata Size: 22KB - Virtual size: 22KB

.data Size: 19KB - Virtual size: 47KB

.gfids Size: 512B - Virtual size: 172B

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

07:b7:4c:70:c4:aa:09:26:48:b7:f0:d1:a8:a3:a2:8f
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

ff:02:32:59:51:de:72:b9:97:bf:3c:85:35:d3:ad:12:29:08:b0:9a
Signer

.text
Size: 83KB - Virtual size: 82KB

.rdata
Size: 22KB - Virtual size: 22KB

.data
Size: 19KB - Virtual size: 47KB

.gfids
Size: 512B - Virtual size: 172B