e95b3e789085b144529d0733ee93e36ef073cd60cec05df354567579d188bcb8

Sharing

Copy URL

Twitter E-mail

General

Target

e95b3e789085b144529d0733ee93e36ef073cd60cec05df354567579d188bcb8
Size

46KB
MD5

220d7896b00f9809da7eeb16e9f6e590
SHA1

62fdab596bc2dc02d85378c13eaac729745ad83e
SHA256

e95b3e789085b144529d0733ee93e36ef073cd60cec05df354567579d188bcb8
SHA512

3ae7261ffc94ff0398c8ebe0fc7d6b6a6b8c285ceca8eaefc3ad96f8d2411a765ed96fd9c3f845f4a0fede818cc909dc3f46bba54024677646f4066b19c75041
SSDEEP

768:0G69BiGGhG4wXJaSo7tGbyI0PFh9clLlT9KDjl8gMiCKYIo:V69BayoDtSyHPFh9c3hK3WlIo

Score

N/A

Malware Config

Signatures

Files

e95b3e789085b144529d0733ee93e36ef073cd60cec05df354567579d188bcb8
.exe windows x86

193160e958478a0ff08958ffeb22dd83

Code Sign

04:7a:55
Certificate

Issuer

CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL

Not Before

03-03-2009 12:58

Not After

03-03-2024 12:58

Subject

CN=Certum Time-Stamping Authority,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

04:7a:53
Certificate

Issuer

CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL

Not Before

03-03-2009 12:53

Not After

03-03-2024 12:53

Subject

CN=Certum Level III CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:af:26
Certificate

Issuer

CN=Certum Level III CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

04-09-2009 08:28

Not After

05-09-2010 08:28

Subject

CN=Jernej Simoncic,OU=-,O=Open-source development,C=SI,1.2.840.113549.1.9.1=#0c0d6a65726e656a40656e612e7369

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cb:44:3f:37:67:63:79:09:67:73:e4:d9:2c:a1:a3:44:46:94:65:49
Signer

Actual PE Digest

cb:44:3f:37:67:63:79:09:67:73:e4:d9:2c:a1:a3:44:46:94:65:49

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Jernej Simoncic,OU=-,O=Open-source development,C=SI,1.2.840.113549.1.9.1=#0c0d6a65726e656a40656e612e7369

08-07-2010 08:55
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libgimpui-2.0-0

gimp_ui_init
gimp_window_set_transient

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_hypot
__getmainargs
__p___argc
__p___argv
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
_winmajor
abort
atexit
calloc
free
fwrite
memcpy
memset
pow
signal
vfprintf

libgimp-2.0-0

gimp_displays_flush
gimp_drawable_fill
gimp_drawable_flush
gimp_drawable_get
gimp_drawable_mask_bounds
gimp_drawable_merge_shadow
gimp_drawable_update
gimp_image_add_layer
gimp_install_procedure
gimp_layer_new
gimp_main
gimp_pixel_rgn_get_rect
gimp_pixel_rgn_init
gimp_pixel_rgn_set_rect
gimp_plugin_menu_register
gimp_procedural_db_get_data
gimp_procedural_db_set_data
gimp_progress_init
gimp_progress_update

libgimpbase-2.0-0

gimp_locale_directory

libgimpwidgets-2.0-0

gimp_dialog_get_type
gimp_dialog_new
gimp_dialog_run
gimp_int_radio_group_new
gimp_radio_button_update
gimp_standard_help_func
gimp_toggle_button_update

libglib-2.0-0

g_free
g_malloc_n
g_snprintf

libgobject-2.0-0

g_signal_connect_data
g_type_check_instance_cast

libgtk-win32-2.0-0

gtk_box_get_type
gtk_box_pack_start
gtk_check_button_new_with_mnemonic
gtk_container_get_type
gtk_container_set_border_width
gtk_dialog_get_type
gtk_dialog_set_alternative_button_order
gtk_hbox_new
gtk_toggle_button_get_type
gtk_toggle_button_set_active
gtk_vbox_new
gtk_widget_destroy
gtk_widget_show
gtk_window_get_type

intl

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_textdomain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dspack
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

193160e958478a0ff08958ffeb22dd83

Code Sign

04:7a:55Certificate

Extended Key Usages

04:7a:53Certificate

Key Usages

04:af:26Certificate

Extended Key Usages

Key Usages

cb:44:3f:37:67:63:79:09:67:73:e4:d9:2c:a1:a3:44:46:94:65:49Signer

Signature Validations

Verification

08-07-2010 08:55 Valid: false

Headers

File Characteristics

Imports

libgimpui-2.0-0

kernel32

msvcrt

libgimp-2.0-0

libgimpbase-2.0-0

libgimpwidgets-2.0-0

libglib-2.0-0

libgobject-2.0-0

libgtk-win32-2.0-0

intl

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 512B - Virtual size: 208B

.rdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 9KB

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.dspack Size: 8KB - Virtual size: 8KB

04:7a:55
Certificate

04:7a:53
Certificate

04:af:26
Certificate

cb:44:3f:37:67:63:79:09:67:73:e4:d9:2c:a1:a3:44:46:94:65:49
Signer

08-07-2010 08:55
Valid: false

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 208B

.rdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 9KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.dspack
Size: 8KB - Virtual size: 8KB