ad4cd9c4b8b3e0a9209ef150329329bf114fa9ba86d47a86b32986c3e4357b1a

Sharing

Copy URL Twitter E-mail

General

Target

ad4cd9c4b8b3e0a9209ef150329329bf114fa9ba86d47a86b32986c3e4357b1a
Size

581KB
MD5

1b2a3fab4f15fdb234f4c39a6aab2b90
SHA1

1c143d05f057a1c7d622841c1394acf80ed0ff9c
SHA256

ad4cd9c4b8b3e0a9209ef150329329bf114fa9ba86d47a86b32986c3e4357b1a
SHA512

16aba697001e15ea5dd9d73c55eb6f7bc73ba3e7e64f37044cf9db2ff6b16574a04598b73a7ddd2a76e85304e744d1a449a81ec5580646dead1e23d4b9c9316f
SSDEEP

6144:cFxlr1QYUSAnyCAP6ATuhn878RxQKPneiq:EiHSLCAP63nlxQ0Lq

Score

N/A

Malware Config

Signatures

Files

ad4cd9c4b8b3e0a9209ef150329329bf114fa9ba86d47a86b32986c3e4357b1a
.exe windows x86

a29b6996e9e9992ecae33ba09e2ec8da

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

23:c0:ef:6b:ed:03:1e:e3:34:c6:09:ae:d6:dd:60:82
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

11/02/2009, 00:00

Not After

11/02/2011, 23:59

Subject

CN=FAVORIT NETWORK S.L.,OU=Secure Application Development,O=FAVORIT NETWORK S.L.,L=BARCELONA,ST=BARCELONA,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ModifyMenuA
SetWindowTextA
LookupIconIdFromDirectory
WindowFromPoint

kernel32

GetFileAttributesA
GetLogicalDriveStringsA
FileTimeToLocalFileTime
DeleteCriticalSection
_lread
ExitProcess
TlsGetValue
GlobalReAlloc
CreateMutexW
DebugBreak
GetProcessHeap
FreeLibrary
GetCompressedFileSizeW
SetSystemTime
SetEnvironmentVariableA
GenerateConsoleCtrlEvent
EnumSystemCodePagesA
CancelIo
FreeEnvironmentStringsA
GetConsoleCursorInfo
SearchPathW
OutputDebugStringA
GetCurrentDirectoryW
GlobalAddAtomW
ReleaseSemaphore
CreateWaitableTimerA
SystemTimeToFileTime
CreateIoCompletionPort
GetTapeParameters
GetSystemDirectoryW
GetHandleInformation
GetProfileStringA
GetCommandLineW
VirtualAlloc
GetLongPathNameA
OpenFile
FreeResource
SetNamedPipeHandleState
SetEnvironmentVariableW
IsProcessorFeaturePresent
GetNumberFormatW

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a29b6996e9e9992ecae33ba09e2ec8da

Code Sign

01Certificate

0aCertificate

Extended Key Usages

Key Usages

23:c0:ef:6b:ed:03:1e:e3:34:c6:09:ae:d6:dd:60:82Certificate

Extended Key Usages

Signer

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 312KB - Virtual size: 312KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 240KB - Virtual size: 240KB

.rsrc Size: 22KB - Virtual size: 21KB

01
Certificate

0a
Certificate

23:c0:ef:6b:ed:03:1e:e3:34:c6:09:ae:d6:dd:60:82
Certificate

.text
Size: 312KB - Virtual size: 312KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 240KB - Virtual size: 240KB

.rsrc
Size: 22KB - Virtual size: 21KB