53444bccab157f221fbe423aca078b41f884022c796a43ee8c80eb037a67b202

Sharing

Copy URL Twitter E-mail

General

Target

53444bccab157f221fbe423aca078b41f884022c796a43ee8c80eb037a67b202
Size

200KB
MD5

ea157684c6f0ef286352cc8d138d058d
SHA1

5c353d51e88c9878769917baa8e452fc023a32ad
SHA256

53444bccab157f221fbe423aca078b41f884022c796a43ee8c80eb037a67b202
SHA512

026951b457387eac0a9675f2c98347c937c3fc48fd93777ecf0e5d4d9b190df2a324b8f422bf1726be93557fe21617e4264f875edb0dcd97b25b4468b7d6ef13
SSDEEP

3072:FllBLmMruo8d8kKRuIlokGWv1Pcgok93+eHvi+qiPuZrbnMILpMLrERGPf09gx:vPyo8LKRurkz1wQ+ptFbMg0Yy00

Score

N/A

Malware Config

Signatures

Files

53444bccab157f221fbe423aca078b41f884022c796a43ee8c80eb037a67b202
.dll windows x86

89e82451eb882f124806777a1dbc666e

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

09/04/1996, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

16/11/1999, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service CA SW1,OU=VeriSign Trust Network+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

04/04/2000, 00:00

Not After

17/04/2001, 23:59

Subject

CN=Microsoft Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Microsoft Corporation,O=VeriSign\, Inc.,L=Internet+L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

BitBlt
DeleteObject
GetEnhMetaFileHeader
SetWinMetaFileBits
DeleteEnhMetaFile
RealizePalette
SelectPalette
DeleteDC
GetStockObject
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SetTextColor
SetTextAlign
SetBkMode
GetTextAlign
LineTo
MoveToEx
GdiFlush
PlayEnhMetaFile
Polyline
GetTextColor
GetOutlineTextMetricsA
GetCurrentObject
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
GetSystemPaletteUse
CreateHalftonePalette
SetBkColor
UnrealizeObject
SetDIBitsToDevice
StretchDIBits
ExtTextOutA
ExtTextOutW
GetTextExtentPoint32W
SelectObject
GetTextMetricsA
CreatePen
CreateFontIndirectA

kernel32

GlobalUnlock
LoadResource
FindResourceA
GetCurrentProcessId
FreeLibrary
LoadLibraryA
SetErrorMode
SizeofResource
FreeResource
CloseHandle
ReadFile
GetFileSize
CreateFileA
CreateFileW
Sleep
MultiByteToWideChar
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
LockResource
GlobalLock
GetProcessHeap
HeapAlloc
HeapFree
IsDBCSLeadByte
WideCharToMultiByte
GlobalFree
GlobalAlloc
IsValidLocale
GetSystemDefaultLangID
LoadLibraryW
GetCurrentThreadId
lstrcpyA
GetModuleHandleA
GetProcAddress
GetVersionExA
RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeA
GetACP
GetCPInfo
GetOEMCP
HeapReAlloc
VirtualAlloc
GetEnvironmentStringsW
GetEnvironmentStrings
WriteFile
FreeEnvironmentStringsA
GetStringTypeW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
VirtualFree
HeapCreate
HeapDestroy
GetCurrentProcess
TerminateProcess
ExitProcess
GetVersion
GetCommandLineA

ole32

OleInitialize
OleUninitialize

user32

SetForegroundWindow
IsWindowVisible
SetParent
DestroyWindow
SetCursor
InvalidateRect
MessageBeep
DrawFocusRect
InflateRect
GetSysColor
DefWindowProcA
EndPaint
BeginPaint
GetWindowLongA
PostMessageA
MapWindowPoints
FillRect
GetClientRect
PtInRect
IsChild
IsWindow
GetClassNameA
IsRectEmpty
SetWindowLongW
GetWindowLongW
SendMessageW
IsWindowUnicode
CallWindowProcA
SetFocus
SetCapture
ClientToScreen
GetDlgCtrlID
GetNextDlgTabItem
CharLowerW
CharLowerA
LoadIconA
DrawIcon
WaitMessage
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
SetWindowsHookExA
UnhookWindowsHookEx
SetTimer
KillTimer
CallNextHookEx
FindWindowA
LoadStringA
LoadStringW
DrawTextA
DrawTextW
GetKeyboardLayoutList
SystemParametersInfoA
GetWindowRect
GetSystemMetrics
SetWindowPos
GetKeyState
RedrawWindow
GetActiveWindow
GetWindowThreadProcessId
IsWindowEnabled
GetWindow
GetWindowTextA
GetKeyboardState
IntersectRect
SetActiveWindow
CreateWindowExA
SendMessageA
EnableWindow
UpdateWindow
GetClassInfoA
GetFocus
GetParent
ReleaseDC
RegisterClassA
GetDC
GetKeyboardLayout
LoadCursorA
EnumThreadWindows
CallWindowProcW
ReleaseCapture
SetWindowLongA
SetKeyboardState

advapi32

RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

FCreateIOBalloon

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

89e82451eb882f124806777a1dbc666e

Code Sign

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10Certificate

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1dCertificate

Extended Key Usages

Key Usages

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5cCertificate

Key Usages

Signer

Headers

File Characteristics

Imports

gdi32

kernel32

ole32

user32

advapi32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 70KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 8KB - Virtual size: 4KB

03:c7:8f:37:db:92:28:df:3c:bb:1a:ad:82:fa:67:10
Certificate

fc:a4:a5:9f:2c:0f:c0:b9:03:98:33:1b:7b:54:54:1d
Certificate

75:f2:8e:f8:a8:fb:ea:6d:11:52:97:14:95:4b:65:5c
Certificate

.text
Size: 72KB - Virtual size: 70KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 8KB - Virtual size: 4KB