1473568541d461b60c311427ea7eedd563fd3958fbfda56e0bc4d5eda8b9fc86

Sharing

Copy URL

Twitter E-mail

General

Target

1473568541d461b60c311427ea7eedd563fd3958fbfda56e0bc4d5eda8b9fc86
Size

114KB
MD5

91e435a437758bf1c802e6a1b6f9d98c
SHA1

afae3f04dacb3e28bb3d790165f8f573215cf191
SHA256

1473568541d461b60c311427ea7eedd563fd3958fbfda56e0bc4d5eda8b9fc86
SHA512

d2c1c2c5f57bef7c5b6e1cf401c861acaab3ef0fb23819da95f5e0b16fbbecdf7b365acbbf4b6cbadf0406dbd7a1dcaeb70d0b64d1dc1027ccb1cfca57a837fb
SSDEEP

1536:rFRPOEY368DBuQ8JkzXY9rW9D7sQDcw7v/ekz17QT6I1zuHI5YhetJLxEOn:rFM/uQhzsWJhssOYhetJ22

Score

N/A

Malware Config

Signatures

Files

1473568541d461b60c311427ea7eedd563fd3958fbfda56e0bc4d5eda8b9fc86
.dll windows x86

e1af9456b1f9ae337ea80ec7a4ba86a1

Code Sign

c9:cf:95:8d:11:ac:4c:47:9c:42:9e:0b:46:01:b5:71
Certificate

Issuer

CN=Adobe,O=Adobe,C=US,1.2.840.113549.1.9.1=#0c0f61646d696e4061646f62652e636f6d

Not Before

17-01-2011 00:00

Not After

16-01-2012 23:59

Subject

CN=Adobe,O=Adobe,C=US,1.2.840.113549.1.9.1=#0c0f61646d696e4061646f62652e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
lstrcpyA
lstrlenA
GlobalReAlloc
GetCurrentThreadId
lstrcpynA
GlobalFree
LoadLibraryA
GetProcAddress
CreateWaitableTimerW
CancelWaitableTimer
GetTickCount
SetWaitableTimer
WaitForSingleObject
GetVersionExW
GetLastError
CloseHandle
TerminateThread
FindResourceW
SizeofResource
LockResource
LoadResource
FindResourceExW
WideCharToMultiByte
CreateEventW
CreateThread
GlobalAlloc
SetEvent
CreateMutexW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
GetStringTypeA
WriteFile
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
GetEnvironmentStringsW
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
GetCPInfo
GetOEMCP
LCMapStringA
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW

user32

UnregisterClassA
PostMessageW

advapi32

RegCloseKey
RegCreateKeyExA
RegQueryValueExA

shlwapi

UrlUnescapeA

ws2_32

shutdown
WSARecvFrom
WSAGetLastError
WSASendTo
inet_addr
gethostbyname
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
connect
getsockname
WSACloseEvent
closesocket
accept
listen
bind
htons
htonl
WSASetEvent
WSAEventSelect
WSACreateEvent
setsockopt
socket
WSAConnect
WSAStartup
getpeername

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e1af9456b1f9ae337ea80ec7a4ba86a1

Code Sign

c9:cf:95:8d:11:ac:4c:47:9c:42:9e:0b:46:01:b5:71Certificate

Extended Key Usages

Key Usages

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

ws2_32

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 8KB - Virtual size: 11KB

.reloc Size: 8KB - Virtual size: 7KB

c9:cf:95:8d:11:ac:4c:47:9c:42:9e:0b:46:01:b5:71
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 8KB - Virtual size: 11KB

.reloc
Size: 8KB - Virtual size: 7KB