160bf0a93e022554094ee3146d80141f0cb3f62d0ffe905b71fe13ab5a125de0

Sharing

Copy URL

Twitter E-mail

General

Target

160bf0a93e022554094ee3146d80141f0cb3f62d0ffe905b71fe13ab5a125de0
Size

2.8MB
MD5

664e8539f71e0f019ec7d0b6f98098ca
SHA1

c87d7bede062b83d9c40df333bf5ae9aec3d3ceb
SHA256

160bf0a93e022554094ee3146d80141f0cb3f62d0ffe905b71fe13ab5a125de0
SHA512

5ccd5b2618b00348f94743ddbabd7233d98c8cf27996350211fea30406e6733a83dd42e9786c1ba286a4c39052bda10f5612b84945e324556c43ec4a32a8a26f
SSDEEP

49152:xn/kiF6y+BY8wYC1t7Z1v3KeFVBkWlvG9XG8KonHey5Hv422H4MxeTv:pkidyOYCvvxlKwoHX5Hv4dRUTv

Score

N/A

Malware Config

Signatures

Files

160bf0a93e022554094ee3146d80141f0cb3f62d0ffe905b71fe13ab5a125de0
.dll windows x86

17602242fbfc68e71a86c80e74206d12

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:76:af:bb:37:91:39:d7:b2:ad:d4:a3:18:f6:e2:0e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

29-02-2008 00:00

Not After

16-03-2011 23:59

Subject

CN=SafeNet\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Enterprise Security Division,O=SafeNet\, Inc.,L=Baltimore,ST=Maryland,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetVersion
GetModuleHandleA
lstrcmpiA
CloseHandle
CreateFileA
CreateFileW
DuplicateHandle
GetFileInformationByHandle
GetFileSize
LockFile
LockFileEx
OpenFile
ReadFile
ReadFileEx
SetEndOfFile
SetFilePointer
UnlockFile
UnlockFileEx
WriteFile
WriteFileEx
_hread
_hwrite
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
LoadLibraryW
LoadLibraryExA
LoadLibraryExW
FreeLibrary
CreateFileMappingA
CreateFileMappingW
OpenFileMappingA
LoadLibraryA
MapViewOfFile
MapViewOfFileEx
UnmapViewOfFile
FlushViewOfFile
ExitProcess
GetModuleFileNameA
GlobalAlloc
GlobalFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
VirtualProtect
GetLastError
SetLastError
IsBadReadPtr
IsBadWritePtr
CreateEventA
WaitForSingleObject
SetEvent
GetOverlappedResult
VirtualAlloc
VirtualFree
WideCharToMultiByte
GetFileType
DeleteFileA
DeleteFileW
GetFullPathNameA
GetTickCount
GetCurrentProcessId
DeviceIoControl
GetTempPathA
GetWindowsDirectoryA
GetCommandLineA
GetCurrentProcess
GetCurrentThread
GetPriorityClass
SetPriorityClass
GetThreadPriority
SetThreadPriority
OpenFileMappingW
GetProcAddress

user32

wsprintfA

advapi32

RegOpenKeyExA

Exports

Exports

SFNTCounterDecrement
SFNTDecrypt
SFNTEncrypt
SFNTEnumServer
SFNTGetDeviceInfo
SFNTGetFeatureInfo
SFNTGetLicense
SFNTGetLicenseInfo
SFNTGetServerInfo
SFNTQueryFeature
SFNTReadInteger
SFNTReadRawData
SFNTReadString
SFNTReleaseLicense
SFNTSetConfigFile
SFNTSetContactServer
SFNTSetHeartbeat
SFNTSign
SFNTVerify
SFNTWriteInteger
SFNTWriteRawData
SFNTWriteString

Sections

0000001
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000002
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000003
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0000005
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000006
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000007
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000008
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000009
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000010
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000011
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000012
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000013
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000014
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000015
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000016
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000017
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000018
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000019
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000020
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000021
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000022
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000023
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000024
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000025
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000026
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000027
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000028
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000029
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000030
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000031
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000032
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000033
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000034
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000035
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000036
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000037
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000038
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000039
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000040
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000041
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000042
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000043
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000044
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000045
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000046
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000047
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000048
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000049
Size: 60KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000050
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000051
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000052
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

17602242fbfc68e71a86c80e74206d12

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

63:76:af:bb:37:91:39:d7:b2:ad:d4:a3:18:f6:e2:0eCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

0000001 Size: 208KB - Virtual size: 206KB

0000002 Size: 8KB - Virtual size: 5KB

0000003 Size: 28KB - Virtual size: 32KB

.rsrc Size: 4KB - Virtual size: 1KB

0000005 Size: 12KB - Virtual size: 11KB

0000006 Size: 60KB - Virtual size: 64KB

0000007 Size: 4KB - Virtual size: 2KB

0000008 Size: 64KB - Virtual size: 62KB

0000009 Size: 8KB - Virtual size: 4KB

0000010 Size: 60KB - Virtual size: 64KB

0000011 Size: 64KB - Virtual size: 62KB

0000012 Size: 60KB - Virtual size: 64KB

0000013 Size: 64KB - Virtual size: 62KB

0000014 Size: 60KB - Virtual size: 64KB

0000015 Size: 64KB - Virtual size: 62KB

0000016 Size: 60KB - Virtual size: 64KB

0000017 Size: 64KB - Virtual size: 62KB

0000018 Size: 60KB - Virtual size: 64KB

0000019 Size: 64KB - Virtual size: 61KB

0000020 Size: 60KB - Virtual size: 64KB

0000021 Size: 64KB - Virtual size: 62KB

0000022 Size: 60KB - Virtual size: 64KB

0000023 Size: 64KB - Virtual size: 61KB

0000024 Size: 60KB - Virtual size: 64KB

0000025 Size: 64KB - Virtual size: 61KB

0000026 Size: 60KB - Virtual size: 64KB

0000027 Size: 56KB - Virtual size: 53KB

0000028 Size: 60KB - Virtual size: 64KB

0000029 Size: 64KB - Virtual size: 61KB

0000030 Size: 60KB - Virtual size: 64KB

0000031 Size: 64KB - Virtual size: 62KB

0000032 Size: 60KB - Virtual size: 64KB

0000033 Size: 56KB - Virtual size: 53KB

0000034 Size: 60KB - Virtual size: 64KB

0000035 Size: 64KB - Virtual size: 62KB

0000036 Size: 60KB - Virtual size: 64KB

0000037 Size: 56KB - Virtual size: 54KB

0000038 Size: 60KB - Virtual size: 64KB

0000039 Size: 64KB - Virtual size: 62KB

0000040 Size: 60KB - Virtual size: 64KB

0000041 Size: 44KB - Virtual size: 42KB

0000042 Size: 60KB - Virtual size: 64KB

0000043 Size: 64KB - Virtual size: 61KB

0000044 Size: 60KB - Virtual size: 64KB

0000045 Size: 48KB - Virtual size: 46KB

0000046 Size: 60KB - Virtual size: 64KB

0000047 Size: 64KB - Virtual size: 62KB

0000048 Size: 2KB - Virtual size: 2KB

0000049 Size: 60KB - Virtual size: 63KB

0000050 Size: 32KB - Virtual size: 31KB

0000051 Size: 2KB - Virtual size: 2KB

0000052 Size: 92KB - Virtual size: 92KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

63:76:af:bb:37:91:39:d7:b2:ad:d4:a3:18:f6:e2:0e
Certificate

0000001
Size: 208KB - Virtual size: 206KB

0000002
Size: 8KB - Virtual size: 5KB

0000003
Size: 28KB - Virtual size: 32KB

.rsrc
Size: 4KB - Virtual size: 1KB

0000005
Size: 12KB - Virtual size: 11KB

0000006
Size: 60KB - Virtual size: 64KB

0000007
Size: 4KB - Virtual size: 2KB

0000008
Size: 64KB - Virtual size: 62KB

0000009
Size: 8KB - Virtual size: 4KB

0000010
Size: 60KB - Virtual size: 64KB

0000011
Size: 64KB - Virtual size: 62KB

0000012
Size: 60KB - Virtual size: 64KB

0000013
Size: 64KB - Virtual size: 62KB

0000014
Size: 60KB - Virtual size: 64KB

0000015
Size: 64KB - Virtual size: 62KB

0000016
Size: 60KB - Virtual size: 64KB

0000017
Size: 64KB - Virtual size: 62KB

0000018
Size: 60KB - Virtual size: 64KB

0000019
Size: 64KB - Virtual size: 61KB

0000020
Size: 60KB - Virtual size: 64KB

0000021
Size: 64KB - Virtual size: 62KB

0000022
Size: 60KB - Virtual size: 64KB

0000023
Size: 64KB - Virtual size: 61KB

0000024
Size: 60KB - Virtual size: 64KB

0000025
Size: 64KB - Virtual size: 61KB

0000026
Size: 60KB - Virtual size: 64KB

0000027
Size: 56KB - Virtual size: 53KB

0000028
Size: 60KB - Virtual size: 64KB

0000029
Size: 64KB - Virtual size: 61KB

0000030
Size: 60KB - Virtual size: 64KB

0000031
Size: 64KB - Virtual size: 62KB

0000032
Size: 60KB - Virtual size: 64KB

0000033
Size: 56KB - Virtual size: 53KB

0000034
Size: 60KB - Virtual size: 64KB

0000035
Size: 64KB - Virtual size: 62KB

0000036
Size: 60KB - Virtual size: 64KB

0000037
Size: 56KB - Virtual size: 54KB

0000038
Size: 60KB - Virtual size: 64KB

0000039
Size: 64KB - Virtual size: 62KB

0000040
Size: 60KB - Virtual size: 64KB

0000041
Size: 44KB - Virtual size: 42KB

0000042
Size: 60KB - Virtual size: 64KB

0000043
Size: 64KB - Virtual size: 61KB

0000044
Size: 60KB - Virtual size: 64KB

0000045
Size: 48KB - Virtual size: 46KB

0000046
Size: 60KB - Virtual size: 64KB

0000047
Size: 64KB - Virtual size: 62KB

0000048
Size: 2KB - Virtual size: 2KB

0000049
Size: 60KB - Virtual size: 63KB

0000050
Size: 32KB - Virtual size: 31KB

0000051
Size: 2KB - Virtual size: 2KB

0000052
Size: 92KB - Virtual size: 92KB