89d73afdd2133a0c365bcc1f24bb666a19723442b1abbd91fca0d8ee2b5f7b0a

Sharing

Copy URL

Twitter E-mail

General

Target

89d73afdd2133a0c365bcc1f24bb666a19723442b1abbd91fca0d8ee2b5f7b0a
Size

213KB
MD5

1ff99fc7fb648e3222a0d13c4dcdaf35
SHA1

8beddc11f35c3853f7f0ea314b37416b8b3d79dd
SHA256

89d73afdd2133a0c365bcc1f24bb666a19723442b1abbd91fca0d8ee2b5f7b0a
SHA512

7bc36d522dd46835807c77e5892b64cd13cebfa24604be7bbfca2f2570dbe943af5ecba749cf71fe237c0eebc8bcdab805a9bc49a60af823f1a53245fcadbfea
SSDEEP

3072:VM21iuIUW3PO2o39lPY3gew3Ate26mXjePeVUZGK3UbrrVt9akigGOMNrkZ:h1LIUWWh39lpeWce7P1Z7EHr1akIHkZ

Score

N/A

Malware Config

Signatures

Files

89d73afdd2133a0c365bcc1f24bb666a19723442b1abbd91fca0d8ee2b5f7b0a
.dll regsvr32 windows x86

8088c52fa8fad87b74321a5cc78231bf

Code Sign

f0:7d:24:bc:f2:34:fe:48:9d:b5:fe:1e:9c:7a:cd:db
Certificate

Issuer

CN=Adobe Systems\, Incorporated,OU=Adobe Systems,O=Adobe Systems,L=Berlin,ST=Berlin,C=DE,1.2.840.113549.1.9.1=#0c10737570706f72744061646f62652e6465

Not Before

12-04-2012 00:00

Not After

11-04-2013 23:59

Subject

CN=Adobe Systems\, Incorporated,OU=Adobe Systems,O=Adobe Systems,L=Berlin,ST=Berlin,C=DE,1.2.840.113549.1.9.1=#0c10737570706f72744061646f62652e6465

Extended Key Usages

ExtKeyUsageCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
LockResource
LoadResource
FindResourceExW
LoadLibraryW
GetProcAddress
DeleteCriticalSection
RaiseException
MultiByteToWideChar
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
FreeLibrary
lstrcmpiW
LoadLibraryExW
GetModuleHandleW
CreateFileW
DeleteFileA
FlushFileBuffers
GetCurrentProcessId
GetFileAttributesW
GetLastError
VirtualQuery
lstrlenA
lstrcpyA
CloseHandle
GetTempPathA
GetTempFileNameW
WideCharToMultiByte
CreateMutexW
GetCurrentProcess
GetModuleFileNameW
OpenProcess
Sleep
lstrcmpW
GlobalUnlock
OpenMutexW
InterlockedExchangeAdd
DuplicateHandle
ReadFile
SetFilePointer
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
GetDateFormatA
GetTimeFormatA
WriteConsoleW
WriteFile
CreateFileA
lstrcatA
lstrcpynA
GetModuleHandleA
GetModuleFileNameA
FindResourceW
lstrlenW
GlobalLock
GetVersionExW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
SetStdHandle
CompareStringA
GetStartupInfoA
SetHandleCount
GetFileType
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
GetStdHandle
HeapCreate
VirtualAlloc
VirtualFree
ExitProcess
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
GetCommandLineA
GetCurrentThreadId
GetSystemTimeAsFileTime
GetConsoleMode
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetVersionExA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP

user32

RegisterWindowMessageW
GetTopWindow
GetKeyboardLayout
GetWindowLongW
FindWindowExW
UnhookWindowsHookEx
SendMessageW
CallWindowProcW
GetWindow
KillTimer
SetTimer
SetWindowLongW
GetParent
GetClassNameW
CharNextW
UnregisterClassA

advapi32

RegDeleteValueW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW

shell32

SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoTaskMemRealloc

oleaut32

SysAllocString
VariantChangeType
SysReAllocStringLen
SafeArrayUnlock
SafeArrayLock
SafeArrayDestroy
DispCallFunc
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetVartype
LoadTypeLi
LoadRegTypeLi
SysStringLen
VarBstrCat
VarBstrCmp
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantCopy
VariantClear
VariantInit
SysFreeString
VarUI4FromStr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8088c52fa8fad87b74321a5cc78231bf

Code Sign

f0:7d:24:bc:f2:34:fe:48:9d:b5:fe:1e:9c:7a:cd:dbCertificate

Extended Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 16KB - Virtual size: 12KB

f0:7d:24:bc:f2:34:fe:48:9d:b5:fe:1e:9c:7a:cd:db
Certificate

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 16KB - Virtual size: 12KB