9c9dc14e02e7d2dbe1c76a1e32386b5d66d0689ac087df7c21cabf99abf6a0e1

Sharing

Copy URL Twitter E-mail

General

Target

9c9dc14e02e7d2dbe1c76a1e32386b5d66d0689ac087df7c21cabf99abf6a0e1
Size

429KB
MD5

add3a3875ab639e58b2b8f0edd45b7ef
SHA1

e088519a9507f57ef227b19181bdcfabe6f60c16
SHA256

9c9dc14e02e7d2dbe1c76a1e32386b5d66d0689ac087df7c21cabf99abf6a0e1
SHA512

bb27a53b086ce365a65481f5d39843fa30dcde97fe7f2186dacfa9055e65c97abbb228ac2b2e572c2981df907e6131404a8e45d7525a58df4c924364a064ccf4
SSDEEP

12288:5jNqHgNhJAtaOVFHg3K2ehKN2b4RIRJXFg6xh:5JoaOVFHga23oxh

Score

N/A

Malware Config

Signatures

Files

9c9dc14e02e7d2dbe1c76a1e32386b5d66d0689ac087df7c21cabf99abf6a0e1
.exe windows x86

ec8b0e39eb9fe0b0b3b85befef40fe12

Code Sign

32:36:df:b8:bc:a7:e0:6d:b8:c6:d1:63:d0:fc:9a:a6
Certificate

Issuer

CN=goqegoxsszn

Not Before

26/01/2012, 20:08

Not After

31/12/2039, 23:59

Subject

CN=Jervop

ba:f9:92:d3:9d:bb:6f:70:cc:6e:50:9c:0f:b8:c2:38:e2:8e:f9:74
Signer

Actual PE Digest

ba:f9:92:d3:9d:bb:6f:70:cc:6e:50:9c:0f:b8:c2:38:e2:8e:f9:74

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

NO CERTIFICATE

01/01/0001, 00:00
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgIsStorageFile
StgCreatePropSetStg
OleTranslateAccelerator
StgCreateDocfile
ReadClassStg
CreateBindCtx
CoTaskMemFree
ReadClassStm
CoSuspendClassObjects
CoGetMalloc
ReleaseStgMedium
StgOpenStorageEx
WriteFmtUserTypeStg
StgCreateStorageEx

kernel32

TlsSetValue
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetOEMCP
GetACP
GetCPInfo
EnterCriticalSection
InitializeCriticalSection
HeapAlloc
LeaveCriticalSection
PulseEvent
GetThreadLocale
GlobalAlloc
LCMapStringA
LocalFlags
SetEvent
CompareStringA
LocalLock
CreateSemaphoreA
GlobalLock
FoldStringA
VirtualQueryEx
GetStartupInfoA
GetModuleHandleA
GetProcAddress
GetLastError
DeleteFileW
MoveFileW
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
GetStringTypeW
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ec8b0e39eb9fe0b0b3b85befef40fe12

Code Sign

32:36:df:b8:bc:a7:e0:6d:b8:c6:d1:63:d0:fc:9a:a6Certificate

ba:f9:92:d3:9d:bb:6f:70:cc:6e:50:9c:0f:b8:c2:38:e2:8e:f9:74Signer

Signature Validations

Verification

01/01/0001, 00:00 Valid: false

Headers

File Characteristics

Imports

ole32

kernel32

Sections

.text Size: 16KB - Virtual size: 16KB

.rdata Size: 403KB - Virtual size: 402KB

.data Size: 2KB - Virtual size: 84KB

.rsrc Size: 5KB - Virtual size: 5KB

32:36:df:b8:bc:a7:e0:6d:b8:c6:d1:63:d0:fc:9a:a6
Certificate

ba:f9:92:d3:9d:bb:6f:70:cc:6e:50:9c:0f:b8:c2:38:e2:8e:f9:74
Signer

01/01/0001, 00:00
Valid: false

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 403KB - Virtual size: 402KB

.data
Size: 2KB - Virtual size: 84KB

.rsrc
Size: 5KB - Virtual size: 5KB