Sample details: e864ff56570b9ab3f640779e1dfda3f2

Hashes
MD5: e864ff56570b9ab3f640779e1dfda3f2
SHA1: f9a0892ac08115e0876e1e7cabc89369a963a53c
SHA256: 8a24f75188b63723ee4d0dd65e40282723971e42687eaa03e6800e2a4435f0f7
SSDEEP: 6144:exrRuURcsZBaIU6ucfPjTM1c3r6bbvjZrB:e2UVCIU693U1quB
Details
File Type: PE32
Yara Hits
YRP/IsPE32 | YRP/IsWindowsGUI | YRP/HasDebugData | YRP/HasRichSignature | YRP/domain | YRP/contentis_base64 | YRP/CRC32_poly_Constant
Source
https://fanorezoh.com/dfhguer74554gjdfjgi4458845hghhv/vaio.bin
Strings
		!This program cannot be run in DOS mode.
@.data
@.reloc
D$6f%}Rf
T$,=PE
D$Zf3D$Z
D$ +D$ 
)D$@f9
T$(#T$(
T$_*T$_
D$@@`Hn
BtSZwnOXlqExilX.pdb
I_RpcBindingInqWireIdForSnego
RpcServerInqBindings
RPCRT4.dll
GetModuleFileNameExW
PSAPI.DLL
LookupPrivilegeValueW
CryptSetKeyParam
MapGenericMask
ADVAPI32.dll
GetGlyphOutlineA
AbortDoc
SetViewportOrgEx
GDI32.dll
StrRetToBSTR
PathIsUNCServerShareW
SHLWAPI.dll
OLEAUT32.dll
CryptDecryptMessage
CRYPT32.dll
JetBeginTransaction
JetInit
ESENT.dll
VirtualLock
GetVersionExA
GetDiskFreeSpaceW
GetCurrentProcess
GetTimeZoneInformation
GetProcessAffinityMask
GetConsoleWindow
GetCommandLineA
LocalAlloc
CloseHandle
GetUserDefaultLCID
GetPriorityClass
KERNEL32.dll
SetRect
UnregisterDeviceNotification
GetDlgItem
GetSystemMenu
SetCapture
USER32.dll
.-M)$K
<);_Ke
B{brx++
	QN;X9
E-Do#`a
N2r-n>
i\fUcr*
R%Tz}Pf
^QdAQLUW
mNWIy`7
$p.+*13
|@5%6h*
UD.4{\x#
H0%#vj
%g?$Ld
7v/g^::O
h)$Esu.
q4vc{S
o	]>JQ
A%mu?X
a\c*5M%
TL)Om 	
IHa(Nn
173 nM
PH7;J4
GnlP`N
#Z1ufW6
2NO8]pr
oy4(-g
o:HI}]
Ghr$^{2
U]C)!-
1G]\-l
hA?H^U
k(K\r1j
]"$+AJ#
z8:fP8
2&hD,W
y+rJRp
 >ly6l
]/<*wq
/e<ra=
iL_Ex@T
|ZZY|X~5
V	,CO fyGw
We*}'z
ru|/qG!
5E	B]^F
 IQ@{N
q*]jcj+
Y@p'l4
:RtN;Xe!x
{eFE/uZ
\m$%Io
_S_HhC`j
 	^Gy>
+R&b9l
`E 1Wr
xm&i;9
Ph'JvL
qIb#*A
-O1d`/
>K:vS?
&'S%3d
[W`|")
R5"t8F
$|tSgp
C$PN+I
)j$NnQ
/4Y~FDo
~/Y,'Y
q@$QF)_T
Kn6;yZ;
#TS}7{VW
:2	\V(
glL^Z =J
Y[-Xw1,
lkD';{
*j/)}+l
e_>bq~1
no1OU"Q
laA;z<z
kM.	5%Rnw
1$$!Wz
w[Z6rt
.)Npt0
b"~,(t
,03#&`
NT<$sh^
XXx;M@
BRPI,+
J\|W<,
ZkRO2Y
p  _$6
kKQ+Et
otTb(q
n',m|w|~B
ZUf<M[
bfS3}:e
-j#(U`(
SrBQ$S
h*}/BE
u)ryOR
&|O<oY
e8/6U^
v{dnJm
P!Krlv_a
ASJ0]4U4
\FiL!M
a\I]5n
FsnS.E
@z{-X%*#
c+b(+O?R7N
Y#P,Mh
5pu,6eN
(gmSVpt>
:bi_|%E
	JRh<:
>xK3}S
S)$ZTb-
V&UT*m
?AkAK-e
L%~2ls
S,031h{w
Y%C3@r
2]UwR<TT}
*#5"^6
cgLijL^
C7V;>.;;
.]"!Fg
{;VsQj
.*l{W%R
"r[,DK6
eER|bf
7eT]x#
!\HVz^
SOuX;D
XLlsiV
puYY;	d5
lwO>F>K]
rc8hEw
faz!t.LNJ
D}FM/=
U	FZ@w:
86Brub
*@/?4vK
O(VH$n
~Rw-;&
7$1-AZ(
FX+\d:ee
	&iIb`
E`vJOT
Rcd<94
rM	~cKI
&0^6\L
ANbLU]
,gIIcT=%
=Mm#M`
X]E@Q`=
J7Ib!d
P9Rt)L
%$V~#'
e&rq,'O;#
	7^vy%
hQ^a~{L&:
Y;pXi,
#2%(A}
gt^L(,
y'V1hn6
u_zpY5+J
dP@x-F
,*CoS[
]$S~:k-
n?t)"J
$U@:n<V
2MV<fes
0lLp "
z(GH7Z
LPXKKmz
l\^QBB
8`#|MYK
\+jPGb
Y)wyMC&
sO/2lN2
C&x>E|@
CK7J4m
'P.o2^M%-
+B8	0c.
XG(R5n
w6Z\82
_spA1I
Zm`<sc
47c-`d
<P^	.OHu
*wE,QD
@KsmYH
^C$7X_
89%ePw$'
q"2~iC
D,bgPj=
^vL**LB
l_:^>c
(z~erh
;wxS_(A
T62=bY
 A=5 x
$8lgLPs
sI.g/=N`
vOw9g/
.PMSI4)N,
0dIzQT
;foP%+
ip^E_:V
CJ|C4=
Zo;	"x
NyZvVH0
\kgY~X
d8>g&k
.W0U\X
%hpAlU
N5D:Bs
XZ3ER1
(Tjr9|
+ c?@Q
p9"%3@
kSJTMi
?;?XEg
]90N5^
t5z+qF
^-_RC~
~:7zip
z/Elyj
bggUx%
iE8&O9
$>#jD H
< 4MC6
?}zU</
`FK	@P
0w-..\
>.$wC|
&lT^}rM
u]76Zu
ee!>+1y
^{!9s&
-,-o'o>
r#F 9k
Ktwwo>
6?`lq6|
	!!!	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	###	###	###	###	###	###	###	###	###	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	$$$	###	###	###	###	###	###	###	"""	"""	"""	!!!	
(((	<<=
"+++	==>
000	888	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	::;	:::	:::	:::	:::	:::	:::	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	:::	:::	:::	:::	:::	;:;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	;;;	999	111	<<<
"""	777_
000d			
@@@~			
667s			
444l			
			4,,-
  !C111
""#H222
%%&M&&&
##$Q##$
!!"O...
,,,:!!!
444E   
888M$$$
==>U&&&
::;]###
777S!!!
7j7*8d9
>4>>>H>R>\>
<N=V=\=
0"0(0.040:0@0F0L0R0X0^0d0j0p0v0|0
3 3$3(3,3034383<3@3D3x3
Greater Manchester1
Salford1
Sectigo Limited1$0"
Sectigo RSA Code Signing CA0
190730000000Z
200729235959Z0
790001
Lviv1)0'
 Bud. 8 kv. 5, vul.Kotsyubynskogo1
790001
TOV, SMACHNA PLITKA1
TOV, SMACHNA PLITKA0
2X(y'w
https://sectigo.com/CPS0C
2http://crl.sectigo.com/SectigoRSACodeSigningCA.crl0s
2http://crt.sectigo.com/SectigoRSACodeSigningCA.crt0#
http://ocsp.sectigo.com0
New Jersey1
Jersey City1
The USERTRUST Network1.0,
%USERTrust RSA Certification Authority0
181102000000Z
301231235959Z0|1
Greater Manchester1
Salford1
Sectigo Limited1$0"
Sectigo RSA Code Signing CA0
?http://crl.usertrust.com/USERTrustRSACertificationAuthority.crl0v
3http://crt.usertrust.com/USERTrustRSAAddTrustCA.crt0%
http://ocsp.usertrust.com0
#jYhRB_
mt^Ju~
2&-jWp
Greater Manchester1
Salford1
Sectigo Limited1$0"
Sectigo RSA Code Signing CA
GA|2,lt