19b6b9a59f8d7868e1352cb73ec1848bb0790f2e4b922d032f50271030b7d37a

Sharing

Copy URL Twitter E-mail

General

Target

19b6b9a59f8d7868e1352cb73ec1848bb0790f2e4b922d032f50271030b7d37a
Size

52KB
MD5

ecb622c1360f9bf6e3053d334c867649
SHA1

020dae3cfb99dd4f66ec3cd26dafee60d9f5c522
SHA256

19b6b9a59f8d7868e1352cb73ec1848bb0790f2e4b922d032f50271030b7d37a
SHA512

974910abb727b1bec116796f7ca51d95357eebca90ab5a9b189d3e6e75fc87689ef0bbb12ef6d26c15a6ff2e16ea76dcbcd2bf2ffb070495a68f9f13d5b0256c
SSDEEP

768:Qex2ujiwHtSA2zpxoxkLOhhirZvMvNvFo6A/n2auqbjf8:QeMuGstS+2Oh01MKP2ijf8

Score

N/A

Malware Config

Signatures

Files

19b6b9a59f8d7868e1352cb73ec1848bb0790f2e4b922d032f50271030b7d37a
.exe windows x86

fb039e5e65172a182d459c5afa49f3fd

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

73:7e:5b:e4:2a:5d:46:2e:3e:c1:1d:6c:a4:14:4c:42
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

11/08/2006, 00:00

Not After

21/09/2009, 23:59

Subject

CN=Autodesk\, Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Design Solutions Group,O=Autodesk\, Inc,L=San Rafael,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupui

?Run@@YAKPB_W0@Z

kernel32

InitializeCriticalSection
GetLastError
EnterCriticalSection
GetModuleFileNameW
GetCurrentThreadId
lstrcmpiW
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
MultiByteToWideChar
GetSystemTimeAsFileTime
LoadLibraryExW
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
GetModuleHandleW
FindResourceW
RaiseException
LoadResource
SizeofResource
FreeLibrary
lstrlenW
LeaveCriticalSection
GetVersionExA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
InterlockedCompareExchange
Sleep
GetThreadLocale
InterlockedExchange
GetACP
GetCurrentProcessId
GetLocaleInfoA

user32

DestroyWindow
DefWindowProcW
CharNextW
MessageBoxW
UnregisterClassA

advapi32

RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

msvcr80

??3@YAXPAX@Z
free
memcpy_s
??_V@YAXPAX@Z
??2@YAPAXI@Z
_CxxThrowException
_recalloc
malloc
memset
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
?terminate@@YAXXZ
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
exit
_wcmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
__CxxFrameHandler3
wcsncpy_s

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb039e5e65172a182d459c5afa49f3fd

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

73:7e:5b:e4:2a:5d:46:2e:3e:c1:1d:6c:a4:14:4c:42Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

setupui

kernel32

user32

advapi32

ole32

oleaut32

comctl32

msvcr80

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 27KB - Virtual size: 26KB

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

73:7e:5b:e4:2a:5d:46:2e:3e:c1:1d:6c:a4:14:4c:42
Certificate

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 27KB - Virtual size: 26KB