BritLite[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

BritLite.exe
Size

5.1MB
MD5

a4ef687b84ed6d6dc04104779681505e
SHA1

21ef6ba37f5364912dc712604f2665b72b9caa1f
SHA256

968f0bbd4b466fdc8b237bf7a8a051f779f13407e9991f3a7dd5c322d71d49c3
SHA512

95fd55f70b14f4f63414fe10639c2204500d0bf4595e3e92eeaaaac0d14880c3b00171e62e2b7bc2b8fce8df2c04e6b7ef572452963244a8680b27ca115c3b70
SSDEEP

98304:7+jiJcqdwMNJuChSMRWsAnDw/GlzkGcpc7ATtuJEYD4yLk9o1O1nefDiQ8Za:7+ac89SMR0aTT8DAm01nefDUZa

Score

1^/10

Malware Config

Signatures

Files

BritLite.exe
.exe windows:5 windows x86

1e0ed8db2ed94cbd5a96f681c86725f6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:25:46:68:e9:8e:c5:55:ef:ec:4f:bf:3b:1d:66:a3
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

29-05-2013 00:00

Not After

28-08-2015 23:59

Subject

CN=Brit Systems\, Inc.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Brit Systems\, Inc.,L=Dallas,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

cb:3b:45:c9:18:3e:57:9c:e5:98:ad:3f:d8:da:36:0f:ca:e0:b0:3c
Signer

Actual PE Digest

cb:3b:45:c9:18:3e:57:9c:e5:98:ad:3f:d8:da:36:0f:ca:e0:b0:3c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

GetProcessMemoryInfo
GetPerformanceInfo

ws2_32

connect
htons
socket
getservbyname
gethostbyname
closesocket
shutdown
send
WSACleanup
WSAStartup
recv
WSAGetLastError
ntohs

winmm

PlaySoundA
timeGetTime

kernel32

GetCPInfo
GetOEMCP
GetACP
SetErrorMode
GetSystemDirectoryW
FindResourceExW
GetWindowsDirectoryA
GetNumberFormatA
SearchPathA
RtlUnwind
EncodePointer
DecodePointer
FindFirstFileExA
VirtualAlloc
VirtualQuery
GlobalReAlloc
GetDateFormatA
RaiseException
HeapReAlloc
GetDriveTypeW
ExitProcess
GetCurrentDirectoryW
SetCurrentDirectoryW
SetEnvironmentVariableA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
GetFileInformationByHandle
PeekNamedPipe
GetFileType
ExitThread
SetStdHandle
HeapSize
HeapQueryInformation
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringW
IsProcessorFeaturePresent
GetStringTypeW
GetStdHandle
HeapCreate
GetTimeZoneInformation
SetHandleCount
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
CompareStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
TlsGetValue
GetUserDefaultLCID
GetPrivateProfileIntA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoA
LoadLibraryExA
GetModuleHandleW
GetProfileIntA
DuplicateHandle
lstrcmpiA
GetThreadLocale
VirtualProtect
GetFileTime
GetFileSizeEx
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
FindResourceA
FreeResource
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
SuspendThread
SetThreadPriority
lstrcmpA
GlobalFree
GlobalSize
GlobalAlloc
GlobalLock
GlobalUnlock
lstrlenW
GlobalFlags
GetSystemTime
LoadLibraryW
GetFullPathNameW
GetFullPathNameA
GetTempPathW
DeleteFileW
GetFileAttributesW
AreFileApisANSI
CreateFileW
LockFileEx
LockFile
UnlockFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
GetVolumeInformationA
DeviceIoControl
GetVolumePathNameA
GetDriveTypeA
GetVersionExA
MoveFileA
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
DeleteTimerQueueEx
GetCurrentProcessId
FreeLibrary
lstrcpyA
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
OpenProcess
GetSystemInfo
GlobalMemoryStatus
FormatMessageA
GetFileAttributesExA
GetEnvironmentVariableA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
WritePrivateProfileSectionA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetCurrentDirectoryA
CreateDirectoryA
OpenFileMappingA
GetCurrentProcess
LocalAlloc
LocalFree
FindFirstFileA
FindNextFileA
FindClose
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ActivateActCtx
DeactivateActCtx
SetLastError
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetTempPathA
CreateFileA
WriteFile
GetProcessHeap
HeapAlloc
HeapFree
CopyFileA
GetCurrentDirectoryA
RemoveDirectoryA
GetTickCount
InitializeCriticalSection
CreateEventA
ResetEvent
WaitForSingleObject
CloseHandle
SetEvent
Sleep
GetExitCodeThread
TerminateThread
GetTempFileNameA
DeleteFileA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
GetFileAttributesA
MulDiv
lstrlenA
GetCurrentThreadId
lstrcpynA
ResumeThread
MultiByteToWideChar
GetPrivateProfileStringA
WritePrivateProfileStringA
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
LocalReAlloc
TlsFree
TlsSetValue
TlsAlloc
GetSystemTimeAsFileTime
GlobalHandle
GetTimeFormatA

user32

LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
DrawEdge
DrawStateA
SetClassLongA
DestroyAcceleratorTable
CopyImage
GetIconInfo
NotifyWinEvent
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
MessageBeep
IsClipboardFormatAvailable
LockWindowUpdate
UnregisterClassA
RealChildWindowFromPoint
GetSysColorBrush
SetWindowContextHelpId
ShowOwnedPopups
GetDCEx
CharNextA
GetSystemMenu
IsZoomed
SetWindowRgn
CharUpperA
MapDialogRect
GetAsyncKeyState
SystemParametersInfoA
UnpackDDElParam
ReuseDDElParam
LoadAcceleratorsA
InsertMenuItemA
BringWindowToTop
TranslateAcceleratorA
EndPaint
BeginPaint
GrayStringA
DrawTextExA
TabbedTextOutA
MapVirtualKeyA
GetKeyNameTextA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
WindowFromPoint
IsWindowEnabled
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemInt
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SendDlgItemMessageA
WinHelpA
IsChild
GetClassLongA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MonitorFromWindow
MapWindowPoints
CreateAcceleratorTableA
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
GetMenu
SetWindowsHookExA
CallNextHookEx
TranslateMessage
ValidateRect
GetMenuStringA
CallWindowProcA
DrawFrameControl
DrawTextA
CreatePopupMenu
DestroyCursor
LoadCursorW
MonitorFromPoint
GetWindowThreadProcessId
DestroyIcon
SetWindowPos
GetWindow
GetWindowPlacement
ShowWindow
EnumDisplayMonitors
GetMonitorInfoA
SetForegroundWindow
LoadMenuA
SetMenuDefaultItem
LoadBitmapW
GetDesktopWindow
ReleaseDC
GetWindowDC
GetSysColor
GetDoubleClickTime
GetWindowLongA
SetWindowLongA
ShowScrollBar
UnionRect
CopyRect
SetLayeredWindowAttributes
GetMessageA
PostQuitMessage
GetGUIThreadInfo
SendMessageA
GetWindowRect
GetClientRect
DispatchMessageA
LoadIconA
GetCapture
UpdateWindow
ScreenToClient
DrawIcon
PeekMessageA
EmptyClipboard
SetClipboardData
CloseClipboard
LoadImageA
OpenClipboard
SetParent
GetClassNameA
GetSystemMetrics
SetMenuItemInfoA
DestroyMenu
LoadIconW
PostThreadMessageA
GetFocus
RedrawWindow
SetCursorPos
RegisterClipboardFormatA
LoadImageW
IsCharLowerA
MapVirtualKeyExA
GetWindowRgn
SubtractRect
CharUpperBuffA
CopyIcon
GetUpdateRect
FrameRect
CreateMenu
InvalidateRect
IsIconic
LoadMenuW
RemoveMenu
ModifyMenuA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuState
GetMenuItemID
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
DefFrameProcA
WaitMessage
IsMenu
ScrollWindow
UpdateLayeredWindow
SetTimer
GetActiveWindow
LoadCursorA
IsWindow
SetCursor
IsWindowVisible
EnableWindow
GetCursorPos
KillTimer
GetParent
SetRectEmpty
SetRect
GetDC
MessageBoxA
OffsetRect
IsRectEmpty
PtInRect
EqualRect
InflateRect
IntersectRect
FillRect
ClientToScreen
DrawIconEx
PostMessageA
RegisterWindowMessageA
ReleaseCapture
GetKeyState
SetCapture
WindowFromDC
DeleteMenu
AppendMenuA
CheckMenuItem
EnableMenuItem
GetMenuItemCount
DrawFocusRect

gdi32

DeleteObject
SelectClipRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
SetRectRgn
GetCharWidthA
LPtoDP
GetTextMetricsA
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
EnumFontFamiliesExA
GetPaletteEntries
GetNearestPaletteIndex
Polyline
Polygon
SetDIBColorTable
SetPixel
GetWindowOrgEx
GetViewportOrgEx
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetTextFaceA
SetStretchBltMode
SetROP2
GetLayout
SetLayout
SetTextAlign
MoveToEx
LineTo
CreateRectRgn
CreateBitmap
CreateSolidBrush
GetRgnBox
CreatePolygonRgn
CreateCompatibleBitmap
IntersectClipRect
SetBitmapBits
GetSystemPaletteEntries
CreatePalette
GetTextExtentPoint32A
ExcludeClipRect
GetClipBox
SetMapMode
RoundRect
CombineRgn
CreateRoundRectRgn
CreateRectRgnIndirect
GetObjectA
CreateFontIndirectA
CreatePen
StretchDIBits
GetStockObject
SetPolyFillMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
CreateDCA
CopyMetaFileA
GetTextExtentPoint32W
CreateDIBSection
SetDIBits
GdiFlush
DPtoLP
GetMapMode
SetBkMode
PtInRegion
SelectObject
PatBlt
GetDeviceCaps
GetCurrentObject
Pie
GetTextColor
GetBkColor
RealizePalette
CreateHalftonePalette
CreateFontA
OffsetRgn
CreateEllipticRgn
GetClipRgn
SetICMMode
TextOutW
GetTextAlign
StretchBlt
BitBlt
Rectangle
Ellipse
Arc
FillRgn
CreateCompatibleDC
CreateEllipticRgnIndirect

msimg32

TransparentBlt
AlphaBlend

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
RegQueryValueExA
RegOpenKeyExA
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
RegEnumKeyA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA

shell32

ShellExecuteExA
Shell_NotifyIconA
SHGetFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteA
SHGetFileInfoA
DragQueryFileA
DragFinish
SHBrowseForFolderA

comctl32

ImageList_Create
ImageList_GetIconSize

shlwapi

PathIsUNCA
UrlUnescapeA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathRemoveFileSpecW

ole32

CoInitializeEx
CoGetClassObject
CoDisconnectObject
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleCreateMenuDescriptor
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
OleRun
CoCreateInstance
CoTaskMemFree
StgOpenStorageOnILockBytes
CoFreeUnusedLibraries
CreateStreamOnHGlobal
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor

oleaut32

SysAllocStringLen
SysAllocString
SysAllocStringByteLen
SysFreeString
VariantClear
VariantInit
VariantCopy
VariantChangeType
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreateVector
OleCreateFontIndirect
SysStringLen
VarUdateFromDate
VarBstrFromDate
LoadTypeLi
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
GetErrorInfo

oledlg

ord8

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

gdiplus

GdipBitmapUnlockBits
GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown

wininet

InternetSetCookieA
InternetSetOptionA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetSetOptionExA
InternetGetCookieA
HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetErrorDlg
InternetQueryDataAvailable

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 842KB - Virtual size: 842KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e0ed8db2ed94cbd5a96f681c86725f6

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

4c:25:46:68:e9:8e:c5:55:ef:ec:4f:bf:3b:1d:66:a3Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

cb:3b:45:c9:18:3e:57:9c:e5:98:ad:3f:d8:da:36:0f:ca:e0:b0:3cSigner

Headers

DLL Characteristics

File Characteristics

Imports

psapi

ws2_32

winmm

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

oleacc

gdiplus

wininet

imm32

Sections

.text Size: 3.6MB - Virtual size: 3.6MB

.rdata Size: 842KB - Virtual size: 842KB

.data Size: 160KB - Virtual size: 227KB

.rsrc Size: 264KB - Virtual size: 263KB

.reloc Size: 313KB - Virtual size: 313KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

4c:25:46:68:e9:8e:c5:55:ef:ec:4f:bf:3b:1d:66:a3
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

cb:3b:45:c9:18:3e:57:9c:e5:98:ad:3f:d8:da:36:0f:ca:e0:b0:3c
Signer

.text
Size: 3.6MB - Virtual size: 3.6MB

.rdata
Size: 842KB - Virtual size: 842KB

.data
Size: 160KB - Virtual size: 227KB

.rsrc
Size: 264KB - Virtual size: 263KB

.reloc
Size: 313KB - Virtual size: 313KB