24b0748dfc258ed0625203bd4f54f4b5e34c1fffb0d59750a1aae0d1e6a20cce

Sharing

Copy URL Twitter E-mail

General

Target

24b0748dfc258ed0625203bd4f54f4b5e34c1fffb0d59750a1aae0d1e6a20cce
Size

2.8MB
MD5

7896756ff174b483b74f798383db3a72
SHA1

b03fc2643411d25b12c50a09320b8e685474a0b4
SHA256

24b0748dfc258ed0625203bd4f54f4b5e34c1fffb0d59750a1aae0d1e6a20cce
SHA512

e2c96e0e072b7083604d50055cb9f45cbeb95e1dac70d5fa0fbb913a9e19fb820236296aad77be46d2f6ddf89164aee8b1781ec9b9efe305a9b1bf81356aeb19
SSDEEP

49152:V+AzW4YxcPBbSIKHL0grR7VLlRkTxYLHkdPPkkqeLLTAuZKJX9rBP1j2uB7+A7QB:V+AazBHLdcxYTuZKJX9rBP1jv+A4O6

Score

N/A

Malware Config

Signatures

Files

24b0748dfc258ed0625203bd4f54f4b5e34c1fffb0d59750a1aae0d1e6a20cce
.exe windows x86

50b738c1522b5eb0df0b46b634c2a113

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5d:aa:31:46:03:3e:c5:f2:75:6e:78:bc:0e:dc:93:fa
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

31/05/2011, 00:00

Not After

30/05/2012, 23:59

Subject

CN=上海激锋通信技术有限公司,OU=WoSign Class 3 Code Signing,O=上海激锋通信技术有限公司,L=浦东新区,ST=上海市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

04:10:26:72:60:59:97:41:e2:7c:03:0e:9e:a1:40:36:2c:bb:ad:1a
Signer

Actual PE Digest

04:10:26:72:60:59:97:41:e2:7c:03:0e:9e:a1:40:36:2c:bb:ad:1a

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=上海激锋通信技术有限公司,OU=WoSign Class 3 Code Signing,O=上海激锋通信技术有限公司,L=浦东新区,ST=上海市,C=CN

26/07/2011, 02:14
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetFilePointer
WriteFile
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
InitializeCriticalSection
DeleteCriticalSection
MultiByteToWideChar
lstrlenA
GetCurrentProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
CreateProcessA
GetFileAttributesA
VirtualAlloc
VirtualProtect
VirtualFree
CreateFileA
IsBadReadPtr
HeapFree
GetProcessHeap
FreeLibrary
HeapAlloc
DeleteFileA
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleFileNameA
LCMapStringW
LCMapStringA
GetSystemInfo
FlushFileBuffers
SetStdHandle
IsBadCodePtr
GetFileType
GetFileSize
GetLastError
LoadLibraryA
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
GetCPInfo
ExitProcess
RtlUnwind
HeapReAlloc
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
VirtualQuery
HeapDestroy
HeapCreate
IsBadWritePtr
HeapSize
GetStringTypeA
GetStringTypeW
GetOEMCP

user32

MessageBoxA

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx

oleaut32

SysAllocString
SysFreeString

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50b738c1522b5eb0df0b46b634c2a113

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0dCertificate

Extended Key Usages

Key Usages

5d:aa:31:46:03:3e:c5:f2:75:6e:78:bc:0e:dc:93:faCertificate

Extended Key Usages

Key Usages

04:10:26:72:60:59:97:41:e2:7c:03:0e:9e:a1:40:36:2c:bb:ad:1aSigner

Signature Validations

Verification

26/07/2011, 02:14 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

ole32

oleaut32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 2.8MB - Virtual size: 2.8MB

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

5d:aa:31:46:03:3e:c5:f2:75:6e:78:bc:0e:dc:93:fa
Certificate

04:10:26:72:60:59:97:41:e2:7c:03:0e:9e:a1:40:36:2c:bb:ad:1a
Signer

26/07/2011, 02:14
Valid: false

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 2.8MB - Virtual size: 2.8MB