12934166712[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

12934166712.zip
Size

18KB
MD5

b781328cd084d436dd7651814911fce5
SHA1

a060e1fdd6fef8b9a0e61e71814ee0642ca2dfd6
SHA256

d95683363a83e458322cfac3af4c61e557d0f1db295cbdd08ce269c090f8f7b8
SHA512

aa087f30ee1992fb004576fc7dd414461d2e0ac112f02ae857ffbfa50de98af0d49122cbce613d7b4e23600dbe986f5c254a0e70c85213bf35f2fe50cdd997da
SSDEEP

384:g1LFtAt8XzMN0/byop7/6Z2A80ANc1Whq7lnSNxrwRGYMRwaK22aInW1x5TVBM:sCt8pGop7CVzWhQlSNx8RG1gx5W1x1M

Score

1^/10

Malware Config

Signatures

Files

12934166712.zip
.zip

Password: f11
e8fbec25db4f9d95b5e8f41cca51a4b32be8674a4dea7a45b6f7aeb22dbc38db
.exe windows:4 windows x86

Password: f11

98ce7b6533cbd67993e36dafb4e95946

Code Sign

04:00:00:00:00:01:23:9e:0f:ac:b3
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

28/01/1999, 13:00

Not After

27/01/2017, 12:00

Subject

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:20:19:c1:90:66
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

18/03/2009, 11:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA,OU=Timestamping CA,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:00:00:00:00:01:25:b0:b4:cc:01
Certificate

Issuer

CN=GlobalSign Timestamping CA,OU=Timestamping CA,O=GlobalSign

Not Before

21/12/2009, 09:32

Not After

22/12/2020, 09:32

Subject

CN=GlobalSign Time Stamping Authority,O=GlobalSign NV,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:00:00:00:00:01:30:7a:27:87:2d
Certificate

Issuer

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Not Before

10/06/2011, 14:37

Not After

10/06/2012, 13:56

Subject

CN=Jernej Simoncic,C=SI

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:23:9e:0f:af:24
Certificate

Issuer

CN=GlobalSign Primary Object Publishing CA,OU=Primary Object Publishing CA,O=GlobalSign nv-sa,C=BE

Not Before

22/01/2004, 10:00

Not After

27/01/2017, 10:00

Subject

CN=GlobalSign ObjectSign CA,OU=ObjectSign CA,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

61:2e:98:a6:da:ba:99:9f:46:ee:8c:e8:21:76:e1:0b:77:b6:0c:87
Signer

Actual PE Digest

61:2e:98:a6:da:ba:99:9f:46:ee:8c:e8:21:76:e1:0b:77:b6:0c:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreatePipe
CreateProcessA
CreateThread
DeleteCriticalSection
DisconnectNamedPipe
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FreeConsole
FreeLibrary
GetCurrentProcess
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
PeekNamedPipe
ReadFile
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
TlsGetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WriteFile

msvcrt

_close
_dup
_itoa
_kbhit
_open
_read
_strcmpi
_strnicmp
_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_isatty
_onexit
_setjmp
_setmode
_sleep
_winmajor
abort
atexit
atoi
calloc
exit
fflush
fprintf
fputc
free
fwrite
getenv
gets
longjmp
malloc
memcmp
memcpy
memset
rand
signal
sprintf
srand
strcat
strchr
strcmp
strcpy
strlen
strncmp
strncpy
time
vfprintf

wsock32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getservbyname
getservbyport
getsockname
htons
inet_addr
inet_ntoa
listen
ntohs
recv
recvfrom
select
send
setsockopt
shutdown
socket

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 376B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: f11

Password: f11

98ce7b6533cbd67993e36dafb4e95946

Code Sign

04:00:00:00:00:01:23:9e:0f:ac:b3Certificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:20:19:c1:90:66Certificate

Key Usages

01:00:00:00:00:01:25:b0:b4:cc:01Certificate

Extended Key Usages

Key Usages

01:00:00:00:00:01:30:7a:27:87:2dCertificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:23:9e:0f:af:24Certificate

Extended Key Usages

Key Usages

61:2e:98:a6:da:ba:99:9f:46:ee:8c:e8:21:76:e1:0b:77:b6:0c:87Signer

Headers

File Characteristics

Imports

kernel32

msvcrt

wsock32

Sections

.text Size: 21KB - Virtual size: 20KB

.data Size: 512B - Virtual size: 92B

.rdata Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 376B

.idata Size: 3KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

04:00:00:00:00:01:23:9e:0f:ac:b3
Certificate

04:00:00:00:00:01:20:19:c1:90:66
Certificate

01:00:00:00:00:01:25:b0:b4:cc:01
Certificate

01:00:00:00:00:01:30:7a:27:87:2d
Certificate

04:00:00:00:00:01:23:9e:0f:af:24
Certificate

61:2e:98:a6:da:ba:99:9f:46:ee:8c:e8:21:76:e1:0b:77:b6:0c:87
Signer

.text
Size: 21KB - Virtual size: 20KB

.data
Size: 512B - Virtual size: 92B

.rdata
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 376B

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B