Static task: static1
Behavioral task: behavioral1
  Sample: ISO File Burning.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: ISO File Burning.exe
  Resource: win10v2004-20230915-en
General
- Target: ISO File Burning.exe
- Size: 645KB
- MD5: efad1564952474cb0110fe438464e7e1
- SHA1: 5d9111f32cb8931da1321b33db3968f8384deb81
- SHA256: 9ec9c5007ee354bcf606c30b8f1ea1a1cc3de84ffe7d09cbf16f7773de91123a
- SHA512: 0d4c0a23b6d51ec2f6c71749170b1069b1c36f2d8c91f1a4a9f4060b47c26a14f30cb64abe06d4247da2ff2fe1fa03a0de584208d058964c2db3c25f42b94dc4
- SSDEEP: 6144:D1c/Be33WbkQa77sumL7g6dSn6n+EQgD0N/ixiuw6csU1DnjGw7R0svRtMIzEoY2:DS5g32uIh+Va0axe1jH7R0iWcYfJ4/
Malware Config
Signatures
Files
- ISO File Burning.exe.exe (windows x86): 1f8f94fb8f55cc3ec9c2511356e42033
Code Sign
Certificate (serial 01)
  Issuer: CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA, emailAddress=premium-server@thawte.com
  Not Before: 01/08/1996, 00:00
  Not After: 31/12/2020, 23:59
  Subject: identical to Issuer (self-signed root)
Certificate (serial 0a)
  Issuer: CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, ST=Western Cape, C=ZA, emailAddress=premium-server@thawte.com
  Not Before: 06/08/2003, 00:00
  Not After: 05/08/2013, 23:59
  Subject: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
  Extended Key Usages: ExtKeyUsageClientAuth, ExtKeyUsageCodeSigning
  Key Usages: KeyUsageCertSign, KeyUsageCRLSign
Certificate (serial 38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5)
  Issuer: CN=VeriSign Time Stamping Services CA, O=VeriSign\, Inc., C=US
  Not Before: 15/06/2007, 00:00
  Not After: 14/06/2012, 23:59
  Subject: CN=VeriSign Time Stamping Services Signer - G2, O=VeriSign\, Inc., C=US
  Extended Key Usages: ExtKeyUsageTimeStamping
  Key Usages: KeyUsageDigitalSignature, KeyUsageContentCommitment
Certificate (serial 47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4)
  Issuer: CN=Thawte Timestamping CA, OU=Thawte Certification, O=Thawte, L=Durbanville, ST=Western Cape, C=ZA
  Not Before: 04/12/2003, 00:00
  Not After: 03/12/2013, 23:59
  Subject: CN=VeriSign Time Stamping Services CA, O=VeriSign\, Inc., C=US
  Extended Key Usages: ExtKeyUsageTimeStamping
  Key Usages: KeyUsageCertSign, KeyUsageCRLSign
Certificate (serial 1c:d5:18:34:53:0f:a0:a5:90:69:15:20:70:52:41:97)
  Issuer: CN=Thawte Code Signing CA, O=Thawte Consulting (Pty) Ltd., C=ZA
  Not Before: 07/05/2007, 00:00
  Not After: 03/06/2009, 23:59
  Subject: CN=LSoft Technologies Inc, OU=ACTIVE DATA RECOVERY SOFTWARE, O=LSoft Technologies Inc, L=Mississauga, ST=Ontario, C=CA
  Extended Key Usages: ExtKeyUsageCodeSigning, ExtKeyUsageMicrosoftCommercialCodeSigning
Signer
  Actual PE Digest: (not reported)
  Digest Algorithm: (not reported)
  PE Digest Matches: false

Dates are DD/MM/YYYY. The emailAddress attribute (OID 1.2.840.113549.1.9.1) appears in the raw report as the DER-encoded UTF8String #0c197072656d69756d2d736572766572407468617774652e636f6d, which decodes to premium-server@thawte.com. Two chains are embedded in the signature: the code-signing chain LSoft Technologies Inc -> Thawte Code Signing CA -> Thawte Premium Server CA, and the timestamping chain VeriSign Time Stamping Services Signer - G2 -> VeriSign Time Stamping Services CA (issued by Thawte Timestamping CA), whose presence indicates the signature was countersigned. The signer certificate expiring in 2009 does not by itself invalidate a countersigned Authenticode signature: the certificate only has to have been valid at the timestamped signing time. What does invalidate it is "PE Digest Matches: false", meaning the digest stored inside the signature does not match the file as analysed, so Windows reports the signature as invalid. The usual causes are modification of the file after signing, or an Authenticode blob grafted on from a different binary.
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
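The Code Sign section above lists two certificate chains and a digest mismatch. The following is an added example (not the sandbox's code) showing how an Authenticode verifier combines those facts: the stored PE digest must match, every certificate in the code-signing chain must cover the signing time, and when a timestamp countersignature exists the signing time is the timestamp, so an expired signer certificate is not on its own a failure. Validity dates are transcribed from the report; the report does not print the countersignature instant, so the one used here is an assumed value. Trust-store membership and revocation checks are outside the example.

```python
"""Authenticode evidence check for the certificate chains in the report above.

Added example, not the sandbox's code. Rules applied:
 1. the PE digest stored in the signature must match the file;
 2. every certificate in the code-signing chain must cover the signing time;
 3. with a timestamp countersignature, the signing time is the timestamp,
    so a signer certificate that has since expired is still acceptable.
Validity dates are transcribed from the report; the timestamp instant is
not printed there, so callers supply an assumed one.
"""
from datetime import datetime


def d(s):
    """Parse the report's 'DD/MM/YYYY, HH:MM' date notation."""
    return datetime.strptime(s, "%d/%m/%Y, %H:%M")


# (subject, not-before, not-after), leaf first, as listed under "Code Sign".
CODE_SIGNING_CHAIN = [
    ("LSoft Technologies Inc", d("07/05/2007, 00:00"), d("03/06/2009, 23:59")),
    ("Thawte Code Signing CA", d("06/08/2003, 00:00"), d("05/08/2013, 23:59")),
    ("Thawte Premium Server CA", d("01/08/1996, 00:00"), d("31/12/2020, 23:59")),
]
TIMESTAMP_CHAIN = [
    ("VeriSign Time Stamping Services Signer - G2", d("15/06/2007, 00:00"), d("14/06/2012, 23:59")),
    ("VeriSign Time Stamping Services CA", d("04/12/2003, 00:00"), d("03/12/2013, 23:59")),
]
# The report's own verdict on the embedded digest ("PE Digest Matches: false").
REPORT_PE_DIGEST_MATCHES = False


def not_covering(chain, when):
    """Names of certificates in `chain` whose validity window excludes `when`."""
    return [name for name, nb, na in chain if not nb <= when <= na]


def evaluate(digest_matches, timestamp=None, now=None):
    """Return ('valid' | 'invalid', [reasons]) for one Authenticode signature.

    `timestamp` is the countersignature time when the signature carries one;
    `now` is the evaluation time, used only when it does not (defaults to today).
    """
    reasons = []
    if not digest_matches:
        reasons.append("signed PE digest does not match the file (altered after signing)")
    if timestamp is not None:
        signing_time = timestamp
        # The timestamp chain itself must have been valid when the countersignature was made.
        for name in not_covering(TIMESTAMP_CHAIN, timestamp):
            reasons.append(f"timestamp chain: {name} not valid at {timestamp:%Y-%m-%d}")
    else:
        signing_time = now or datetime.now()
    for name in not_covering(CODE_SIGNING_CHAIN, signing_time):
        note = "" if timestamp is not None else " (no countersignature, so current time is used)"
        reasons.append(f"code-signing chain: {name} not valid at {signing_time:%Y-%m-%d}{note}")
    return ("valid" if not reasons else "invalid"), reasons


if __name__ == "__main__":
    # Assumed countersignature time, inside the signer's 2007-2009 window.
    assumed_ts = d("01/06/2008, 12:00")
    cases = [
        ("as reported (digest mismatch)", dict(digest_matches=REPORT_PE_DIGEST_MATCHES, timestamp=assumed_ts)),
        ("same chains, digest matching", dict(digest_matches=True, timestamp=assumed_ts)),
        ("no countersignature, checked in 2023", dict(digest_matches=True, now=d("15/09/2023, 00:00"))),
    ]
    for label, args in cases:
        verdict, why = evaluate(**args)
        print(f"{label}: {verdict}")
        for reason in why:
            print("  -", reason)
```

Run stand-alone it prints three verdicts: the report's combination (digest mismatch, countersigned) is invalid for the digest reason only; the same chains with a matching digest would be valid despite every certificate having expired by now; and without a countersignature the same chains fail on all three code-signing certificates when checked today.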
Imports
kernel32
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
GetThreadLocale
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetCurrentProcess
GetVolumeInformationA
GetFullPathNameA
SetErrorMode
VirtualAlloc
HeapFree
HeapAlloc
HeapReAlloc
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitThread
CreateThread
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
TlsAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
InterlockedDecrement
GetModuleFileNameW
FormatMessageA
LocalFree
MulDiv
GetCurrentProcessId
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
GlobalAlloc
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeLibrary
SetLastError
lstrcmpW
GetModuleHandleA
GetVersionExA
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetFileSize
CreateFileW
ReadFile
SetThreadPriority
ResumeThread
QueryPerformanceCounter
WriteFile
DeleteCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeZoneInformation
InitializeCriticalSection
QueryPerformanceFrequency
GetSystemTime
GetDriveTypeA
LoadLibraryA
GetProcAddress
CreateEventA
ResetEvent
DeviceIoControl
CreateFileA
LeaveCriticalSection
EnterCriticalSection
GetVersion
CompareStringA
CompareStringW
GetLastError
MultiByteToWideChar
lstrlenA
GetTickCount
ReleaseSemaphore
FindResourceA
LoadResource
CloseHandle
LockResource
FindClose
WaitForSingleObject
SizeofResource
FindFirstFileA
WideCharToMultiByte
CreateSemaphoreA
Sleep
InterlockedExchange
ExitProcess
GetModuleFileNameA
user32
UnregisterClassA
ReleaseDC
GetDC
DestroyMenu
GetWindowThreadProcessId
GetMessageA
TranslateMessage
GetCursorPos
ValidateRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
WinHelpA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
IsWindowVisible
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetFocus
SetWindowPos
SetFocus
ShowWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
EnableWindow
GetSystemMenu
UpdateWindow
IsIconic
SetTimer
GetSystemMetrics
GetClientRect
SendDlgItemMessageA
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetSysColorBrush
EndPaint
BeginPaint
GrayStringA
DrawTextExA
IsWindow
IsWindowEnabled
DrawTextA
TabbedTextOutA
GetMenu
KillTimer
AppendMenuA
DrawIcon
SendMessageA
MessageBoxA
InvalidateRect
LoadIconA
PostMessageA
LoadCursorA
GetWindowLongA
CallWindowProcA
GetPropA
SetCapture
SetWindowLongA
ReleaseCapture
SetPropA
GetWindowRect
SetCursor
ClientToScreen
GetCapture
GetNextDlgTabItem
EndDialog
CharUpperA
GetDlgItem
GetParent
RemovePropA
PtInRect
GetSysColor
gdi32
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
GetStockObject
DeleteObject
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetDeviceCaps
CreateBitmap
SetBkColor
GetClipBox
SetTextColor
GetObjectA
CreateFontIndirectA
comdlg32
GetOpenFileNameA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegDeleteKeyA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
shell32
DragAcceptFiles
DragQueryFileA
DragFinish
ShellExecuteA
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
ole32
CoCreateInstance
OleUninitialize
OleInitialize
oleaut32
VariantClear
VariantChangeType
VariantInit
Sections
- .text: raw size 212KB, virtual size 211KB; IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata: raw size 40KB, virtual size 39KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data: raw size 12KB, virtual size 27KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc: raw size 372KB, virtual size 369KB; IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

No section is both writable and executable, and the only raw/virtual gap (.data, 12KB on disk against 27KB in memory) is the zero-initialised data a linker does not store in the file; neither is a packing indicator. Resources account for 372KB of the 645KB file.
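The Imports and Sections listings above are what a static triage pass consumes. The following is an added example (not the sandbox's code) that parses the report's section lines, flags the section-table shapes that matter (writable+executable, empty-on-disk, resource-heavy), and groups a transcribed subset of the imports into capability tags. The capability map and the framework allow-list are the author's own heuristics and include a few APIs this sample does not import, to show the general form: a Visual C++ CRT imports IsDebuggerPresent, UnhandledExceptionFilter and TlsAlloc for its own start-up, and statically linked MFC installs a WH_CBT hook through SetWindowsHookExA, so a hit made only of those names is reported as weak rather than as evidence of hostile behaviour.

```python
"""Static triage of the import and section tables printed in the report.

Added example; not the sandbox's code. The section lines and the import
subset are transcribed from the report. CAPABILITIES and FRAMEWORK_NOISE
are the author's own heuristics.
"""
import re

SECTION_RE = re.compile(r"^(?P<name>\S+) Size: (?P<raw>\d+)KB - Virtual size: (?P<virt>\d+)KB$")


def parse_section(line, flags):
    """Parse one section line in the report's notation plus its flag list."""
    m = SECTION_RE.match(line)
    if not m:
        raise ValueError(f"unrecognised section line: {line!r}")
    return {"name": m["name"], "raw_kb": int(m["raw"]), "virt_kb": int(m["virt"]), "flags": set(flags)}


SECTIONS = [
    parse_section(".text Size: 212KB - Virtual size: 211KB",
                  ["IMAGE_SCN_CNT_CODE", "IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_READ"]),
    parse_section(".rdata Size: 40KB - Virtual size: 39KB",
                  ["IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"]),
    parse_section(".data Size: 12KB - Virtual size: 27KB",
                  ["IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ", "IMAGE_SCN_MEM_WRITE"]),
    parse_section(".rsrc Size: 372KB - Virtual size: 369KB",
                  ["IMAGE_SCN_CNT_INITIALIZED_DATA", "IMAGE_SCN_MEM_READ"]),
]
IMAGE_KB = 645  # "Size" under General

# Subset of the report's import table, keyed by DLL.
IMPORTS = {
    "kernel32": ["DeviceIoControl", "CreateFileA", "GetDriveTypeA", "GetVolumeInformationA",
                 "LoadLibraryA", "GetProcAddress", "IsDebuggerPresent", "UnhandledExceptionFilter",
                 "TlsAlloc", "WritePrivateProfileStringA", "GetPrivateProfileIntA", "CreateThread"],
    "user32": ["SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx", "MessageBoxA"],
    "advapi32": ["RegDeleteKeyA", "RegSetValueExA", "RegCreateKeyExA", "RegOpenKeyExA", "RegQueryValueExA"],
    "shell32": ["ShellExecuteA", "DragAcceptFiles"],
    "winspool.drv": ["OpenPrinterA", "ClosePrinter", "DocumentPropertiesA"],
}

# Capability tag -> APIs that suggest it (heuristic; includes names absent from this sample).
CAPABILITIES = {
    "device/driver I/O": {"DeviceIoControl"},
    "volume enumeration": {"GetDriveTypeA", "GetVolumeInformationA"},
    "registry write": {"RegSetValueExA", "RegCreateKeyExA", "RegDeleteKeyA"},
    "process launch": {"ShellExecuteA", "CreateProcessA", "WinExec"},
    "dynamic API resolution": {"LoadLibraryA", "GetProcAddress"},
    "window hooks": {"SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx"},
    "anti-debug": {"IsDebuggerPresent", "CheckRemoteDebuggerPresent", "OutputDebugStringA"},
    "INI file persistence": {"WritePrivateProfileStringA"},
}
# APIs the MSVC CRT or MFC import on their own; a hit made only of these is weak evidence.
FRAMEWORK_NOISE = {"IsDebuggerPresent", "UnhandledExceptionFilter", "SetUnhandledExceptionFilter",
                   "TlsAlloc", "TlsGetValue", "TlsSetValue", "TlsFree", "RaiseException", "RtlUnwind",
                   "SetWindowsHookExA", "CallNextHookEx", "UnhookWindowsHookEx"}


def tag_imports(imports):
    """Split capability hits into (strong, weak); weak hits consist only of framework noise."""
    present = {api for apis in imports.values() for api in apis}
    strong, weak = {}, {}
    for tag, apis in CAPABILITIES.items():
        hit = sorted(apis & present)
        if hit:
            (weak if set(hit) <= FRAMEWORK_NOISE else strong)[tag] = hit
    return strong, weak


def check_sections(sections, image_kb):
    """Flag section-table shapes that matter for triage; returns a list of findings."""
    findings = []
    for s in sections:
        if {"IMAGE_SCN_MEM_EXECUTE", "IMAGE_SCN_MEM_WRITE"} <= s["flags"]:
            findings.append(f"{s['name']}: writable and executable (packer or self-modifying code)")
        if s["raw_kb"] == 0 and s["virt_kb"] > 0:
            findings.append(f"{s['name']}: empty on disk, {s['virt_kb']}KB in memory (unpacking target)")
        # A writable section larger in memory than on disk is not flagged: that is
        # zero-initialised data the linker does not store in the file.
    rsrc_kb = sum(s["raw_kb"] for s in sections if s["name"] == ".rsrc")
    if 2 * rsrc_kb > image_kb:
        findings.append(f".rsrc is {rsrc_kb}KB of {image_kb}KB: enumerate resources, RCDATA blobs deserve a look")
    return findings


if __name__ == "__main__":
    strong, weak = tag_imports(IMPORTS)
    print("strong:", strong)
    print("weak (framework noise only):", weak)
    for finding in check_sections(SECTIONS, IMAGE_KB):
        print("section finding:", finding)
```

For this sample the strong tags are device/driver I/O (DeviceIoControl, consistent with a disc-burning tool talking to the drive), volume enumeration, registry write, process launch, dynamic API resolution and INI persistence; anti-debug and window hooks land in the weak bucket because every matched API is one the CRT or MFC pulls in. The only section finding is the resource-heavy layout, which for a GUI application usually means dialogs and icons but is also where droppers keep payloads, so the resources are worth enumerating.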