2698ba47959fea1cfb6c540701efd799231f25980061ef113fdee1fd34240a52

Sharing

Copy URL Twitter E-mail

General

Target

2698ba47959fea1cfb6c540701efd799231f25980061ef113fdee1fd34240a52
Size

343KB
MD5

8b72cfaeac817fd1ffbe1faea0650ec8
SHA1

29035fb45c136ea59f0402f52fbd743ed08587e8
SHA256

2698ba47959fea1cfb6c540701efd799231f25980061ef113fdee1fd34240a52
SHA512

e9cde091aaf6841ab85c5399be26affbe554234eced63ef1db040532b287eb8852ab43012dbc5c81389b6337bd7ffaafd6a576db45b790d58503f45528bf05c1
SSDEEP

6144:K5myoPwWt51oL3Hf4yS+aQZRoGI8DaqhXlO8saXiiwLQIX4XvU0on+7VIQ4:KBRWj1oLQySezoGI8mqtlO8d7wL5X42T

Score

N/A

Malware Config

Signatures

Files

2698ba47959fea1cfb6c540701efd799231f25980061ef113fdee1fd34240a52
.exe windows x86

a13dbba1ed5f4e00252b7131fb2dadba

Code Sign

0d:ba:c7:bb:b8:95:5e:76:b0:64:c6:19:9a:56:7a:da
Certificate

Issuer

CN=hhuefxwvlur

Not Before

13/12/2011, 16:31

Not After

24/07/2021, 22:00

Subject

CN=Neryu

7b:9c:01:2f:1e:c4:c6:21:29:93:f4:47:c8:b1:3c:a6:2a:56:6a:c0
Signer

Actual PE Digest

7b:9c:01:2f:1e:c4:c6:21:29:93:f4:47:c8:b1:3c:a6:2a:56:6a:c0

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextA
IsZoomed
ShowOwnedPopups
DefDlgProcA
GetDlgItem

ole32

CoMarshalHresult
CoFileTimeNow
CoTaskMemAlloc

oleaut32

CreateTypeLi

kernel32

GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
ExitProcess
GetLastError
RemoveDirectoryA
GetStartupInfoA
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
UnhandledExceptionFilter
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 509KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qixe
Size: 217KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

biht
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a13dbba1ed5f4e00252b7131fb2dadba

Code Sign

0d:ba:c7:bb:b8:95:5e:76:b0:64:c6:19:9a:56:7a:daCertificate

7b:9c:01:2f:1e:c4:c6:21:29:93:f4:47:c8:b1:3c:a6:2a:56:6a:c0Signer

Signature Validations

Verification

01/01/0001, 00:00 Valid: false

Headers

File Characteristics

Imports

user32

ole32

oleaut32

kernel32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 5KB - Virtual size: 509KB

qixe Size: 217KB - Virtual size: 217KB

biht Size: 80KB - Virtual size: 80KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 4KB - Virtual size: 3KB

0d:ba:c7:bb:b8:95:5e:76:b0:64:c6:19:9a:56:7a:da
Certificate

7b:9c:01:2f:1e:c4:c6:21:29:93:f4:47:c8:b1:3c:a6:2a:56:6a:c0
Signer

01/01/0001, 00:00
Valid: false

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 5KB - Virtual size: 509KB

qixe
Size: 217KB - Virtual size: 217KB

biht
Size: 80KB - Virtual size: 80KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 4KB - Virtual size: 3KB