129[.]159[.]151[.]146_-_test_-_nc[.]exe___e0db1d3d47e312ef62e5b0c74dceafe5[.]dat

Sharing

Copy URL

Twitter E-mail

General

Target

129.159.151.146_-_test_-_nc.exe___e0db1d3d47e312ef62e5b0c74dceafe5.dat
Size

35KB
MD5

e0db1d3d47e312ef62e5b0c74dceafe5
SHA1

08664f5c3e07862ab9b531848ac92d08c8c6ba5a
SHA256

b3b207dfab2f429cc352ba125be32a0cae69fe4bf8563ab7d0128bba8c57a71c
SHA512

78272306d6ad48eddc57fd872048c9cc400ea4cac91727dab9c8f869fb943dfd162d12b08f1c5e7927b536586a53917844b0424be838454ea841367590c0a6be
SSDEEP

768:SyMPVzXjrEX3wVdvEs/immkrYKoc4KYIoxU:DMPdrEGdvfamnnT4lIoG

Score

1^/10

Malware Config

Signatures

Files

129.159.151.146_-_test_-_nc.exe___e0db1d3d47e312ef62e5b0c74dceafe5.dat
.exe windows x86

98ce7b6533cbd67993e36dafb4e95946

Code Sign

04:7a:55
Certificate

Issuer

CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL

Not Before

03-03-2009 12:58

Not After

03-03-2024 12:58

Subject

CN=Certum Time-Stamping Authority,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

04:7a:53
Certificate

Issuer

CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL

Not Before

03-03-2009 12:53

Not After

03-03-2024 12:53

Subject

CN=Certum Level III CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:11:d3
Certificate

Issuer

CN=Certum Level III CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-08-2010 14:56

Not After

01-09-2011 14:56

Subject

CN=Jernej Simoncic - Open Source Developer,OU=-,O=Open Source Developer,C=SI,1.2.840.113549.1.9.1=#0c0d6a65726e656a40656e612e7369

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

14:dd:2d:82:2b:b8:08:b2:32:8e:5d:2f:59:95:2c:89:f2:94:cf:97
Signer

Actual PE Digest

14:dd:2d:82:2b:b8:08:b2:32:8e:5d:2f:59:95:2c:89:f2:94:cf:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreatePipe
CreateProcessA
CreateThread
DeleteCriticalSection
DisconnectNamedPipe
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FreeConsole
FreeLibrary
GetCurrentProcess
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
PeekNamedPipe
ReadFile
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
TlsGetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WriteFile

msvcrt

_close
_dup
_itoa
_kbhit
_open
_read
_strcmpi
_strnicmp
_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_isatty
_onexit
_setjmp
_setmode
_sleep
_winmajor
abort
atexit
atoi
calloc
exit
fflush
fprintf
fputc
free
fwrite
getenv
gets
longjmp
malloc
memcmp
memcpy
memset
rand
signal
sprintf
srand
strcat
strchr
strcmp
strcpy
strlen
strncmp
strncpy
time
vfprintf

wsock32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getservbyname
getservbyport
getsockname
htons
inet_addr
inet_ntoa
listen
ntohs
recv
recvfrom
select
send
setsockopt
shutdown
socket

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 412B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

98ce7b6533cbd67993e36dafb4e95946

Code Sign

04:7a:55Certificate

Extended Key Usages

04:7a:53Certificate

Key Usages

07:11:d3Certificate

Extended Key Usages

Key Usages

14:dd:2d:82:2b:b8:08:b2:32:8e:5d:2f:59:95:2c:89:f2:94:cf:97Signer

Headers

File Characteristics

Imports

kernel32

msvcrt

wsock32

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 92B

.rdata Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 412B

.idata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

04:7a:55
Certificate

04:7a:53
Certificate

07:11:d3
Certificate

14:dd:2d:82:2b:b8:08:b2:32:8e:5d:2f:59:95:2c:89:f2:94:cf:97
Signer

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 92B

.rdata
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 412B

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B