imgnano0002.exe

Diabological

Daniel Atallah

Publisher:
Santech  (signed by Daniel Atallah)

Product:
Diabological

Description:
Diverters

Version:
1.00

MD5:
faeb27f7e4e3cde19f05c3d5900a8507

SHA-1:
05dc505694e30af01ba8d9b0a9edcd0f90be09f9

SHA-256:
6f43b88951884a98a0ae984611d0fecee80287875d11207763a8254a67c784a1

Scanner detections:
3 / 68

Status:
Inconclusive  (not enough data for an accurate detection)

Analysis date:
12/25/2024 4:52:44 PM UTC

Scan engine | Detection | Engine version
ESET NOD32 | Win32/Injector.CZAG trojan | 8.0.319.0
McAfee | Trojan.Artemis!FAEB27F7E4E3 | 18.0.204.0
VIPRE Antivirus | Threat.4150696 | 48878

File size:
1 MB (1,091,664 bytes)

Product version:
1.00

Original file name:
Possessable5.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\appdata\local\temp\{random}.tmp\imgnano0002.exe

Digital Signature
Signed by:

Authority:
StartCom Ltd.

Valid from:
9/11/2014 9:36:56 AM

Valid to:
9/11/2016 10:37:54 AM

Subject:
E=datallah@pidgin.im, CN=Daniel Atallah, L=Holland, S=Michigan, C=US

Issuer:
CN=StartCom Class 2 Primary Intermediate Object CA, OU=Secure Digital Certificate Signing, O=StartCom Ltd., C=IL

Serial number:
1015

File PE Metadata
Compilation timestamp:
5/24/2016 8:02:33 AM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
6144:lS0Iz+7OGpQTVQTqqQK92luRgSX1eoCZRgqgryBqJr6y/bJx7wYuJOKPXA3gCGYP:oS7OL0iiyCg8OCrMq70J3ArGiDrco

Entry address:
0x11E4

Entry point:
68, C4, 25, 4F, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, FB, EA, AF, 97, 2E, EC, 09, 49, 9C, 8C, BB, 76, 2F, 9E, 0A, F7, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 04, 00, 00, 00, 55, 6E, 74, 72, 61, 76, 65, 73, 74, 69, 65, 64, 36, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 43, 3A, 38, 40, 9D, 14, F7, B0, 4A, 96, 26, 24, A1, E1, 03, 19, 16, E6, 71, 43, 4F, B8, 98, 6B, 41, BD, D2, EA, 61, D7, A3, 83, 57, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 

Entropy:
4.4913

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
984 KB (1,007,616 bytes)

Scan imgnano0002.exe - Powered by Reason Core Security