activexcontrolpad-US[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

activexcontrolpad-US.exe
Size

2.7MB
MD5

a03bf72d6f59be2fd269963b11d742b6
SHA1

8921e0f52507ca6a373c94d222777c750fb48af7
SHA256

eab94091ac391f9bbc8e355a1d231e6a08b8dbbb0f6539245b7f0c58d94f420c
SHA512

c510b9722827b04c61063d4223bd8a299b5f28fcab6e1c621f52273b13fa38907c664d48a7130456f101c111301647177da109698e9553da6b11b122eecb5192
SSDEEP

49152:uhyO1RMjgTfizhVzrEFKbllKO/xFbvzkMFycXrTYhCCKERV:zjjgK/z8oZqcbTYlRV

Score

N/A

Malware Config

Signatures

Files

activexcontrolpad-US.exe
.exe windows x86

d283446d5bbc55cf127012ab37d68d8d

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29/03/2001, 21:27

Not After

29/05/2002, 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
FreeResource
LockResource
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
FindResourceA
CloseHandle
CreateFileA
RtlMoveMemory
ReadFile
WriteFile
SetFilePointer
SetFileTime
LoadResource
SizeofResource
lstrlenA
GlobalFree
SetFileAttributesA
DeleteFileA
RemoveDirectoryA
LocalFileTimeToFileTime
lstrcmpiA
GetModuleFileNameA
GetTempPathA
GetFileAttributesA
GetDiskFreeSpaceA
GetCurrentDirectoryA
GetCurrentProcess
GetWindowsDirectoryA
GetSystemDirectoryA
FindClose
FindNextFileA
FindFirstFileA
DosDateTimeToFileTime
CreateDirectoryA
GetPrivateProfileIntA
GetLastError
FormatMessageA
lstrcpyA
lstrcatA
LocalAlloc
lstrcmpA
FlushFileBuffers
LocalFree
GetVersionExA
CreateThread
TerminateThread
GetTempFileNameA
GlobalAlloc
SetCurrentDirectoryA
GetEnvironmentStrings
GetStartupInfoA
SetStdHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
VirtualAlloc
VirtualFree
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetFileType
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
ExitProcess
GetModuleHandleA
UnhandledExceptionFilter
GetVersion
GetCommandLineA
RtlUnwind

gdi32

GetDeviceCaps

user32

SetWindowLongA
DialogBoxParamA
GetWindowLongA
CallWindowProcA
EndDialog
GetDlgItem
SetForegroundWindow
SetDlgItemTextA
GetDesktopWindow
SendDlgItemMessageA
LoadStringA
GetDlgItemTextA
SendMessageA
EnableWindow
CharPrevA
wsprintfA
ExitWindowsEx
CharNextA
MessageBeep
MessageBoxA
GetWindowRect
GetDC
ReleaseDC
SetWindowPos
SetWindowTextA

comctl32

ord17
ord355

advapi32

OpenProcessToken
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d283446d5bbc55cf127012ab37d68d8d

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

61:06:2a:8d:00:00:00:00:00:0bCertificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

gdi32

user32

comctl32

advapi32

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 36KB - Virtual size: 36KB

.idata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 53B

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.reloc Size: 4KB - Virtual size: 3KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

61:06:2a:8d:00:00:00:00:00:0b
Certificate

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 36KB - Virtual size: 36KB

.idata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 53B

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

.reloc
Size: 4KB - Virtual size: 3KB