DiskView[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

DiskView.exe
Size

567KB
MD5

16ccd5f530a930d9a03e3e06a6e1ec1b
SHA1

21963aec7ee0cb808ad25209923be500ccd5948e
SHA256

d186dac0a61eb1331d1371c733ec4b1925baed55f3c17f67efece537496050ff
SHA512

19b030bd44961faab7f318616d7e61f77cabae7a34dfc4677e87f407967e9eaa319964e29a3e861f21f570f204480c7ac6674a1bac4e1947aec7db606eace656
SSDEEP

12288:JWxhW1CGbjzjhTwfvY2CHNskW7KWsJV6YwdZ4vXy:JCCjt+vY2CmkW7KBJQYYZEy

Score

1^/10

Malware Config

Signatures

Files

DiskView.exe
.exe windows:5 windows x86

84e4b934930a4a3de022531392bdce11

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22-08-2007 22:31

Not After

25-08-2012 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07-12-2009 22:40

Not After

07-03-2011 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25-07-2008 19:01

Not After

25-07-2013 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

48:4a:a2:5b:b7:a4:dd:04:56:31:a4:6d:8d:ad:ff:fc:4e:10:cb:1d
Signer

Actual PE Digest

48:4a:a2:5b:b7:a4:dd:04:56:31:a4:6d:8d:ad:ff:fc:4e:10:cb:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Create

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetDriveTypeW
GetLogicalDriveStringsW
GetVersionExW
SetErrorMode
LocalFree
LocalAlloc
HeapAlloc
RtlUnwind
GetCurrentProcess
FindResourceW
LoadResource
lstrlenW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
ReadFile
GetProcessHeap
SetEndOfFile
CreateFileA
LoadLibraryA
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringA
InitializeCriticalSectionAndSpinCount
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SizeofResource
FlushFileBuffers
SetStdHandle
GetSystemTimeAsFileTime
GetDiskFreeSpaceW
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
GetModuleHandleA
HeapSize
GetModuleFileNameA
ExitProcess
Sleep
GetFileType
GetStdHandle
SetHandleCount
VirtualAlloc
VirtualFree
HeapDestroy
HeapCreate
FatalAppExitA
GetCurrentThread
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
WriteFile
GetStartupInfoA
GetCommandLineA
CreateThread
ResumeThread
ExitThread
HeapFree
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
LockResource
DeviceIoControl
FindNextFileW
CreateFileW
InterlockedDecrement
FormatMessageW
GetLastError
FindFirstFileW
FindClose
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetModuleFileNameW
GetFileAttributesW
ExpandEnvironmentStringsW
GetCommandLineW
CreateProcessW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CloseHandle
GetModuleHandleW
GetCurrentProcessId
GetProcAddress
SetFilePointer
HeapReAlloc

user32

SendMessageW
ShowWindow
CreatePopupMenu
InsertMenuItemW
GetCursorPos
TrackPopupMenu
LoadImageW
DialogBoxIndirectParamW
SetWindowTextW
SetCursor
InflateRect
LoadIconW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
IsDialogMessageW
DispatchMessageW
PostQuitMessage
CheckDlgButton
CreateDialogParamW
GetMenu
CheckMenuItem
GetDlgItemTextW
DialogBoxParamW
LoadCursorW
RegisterClassExW
CreateWindowExW
CallWindowProcW
IsZoomed
PtInRect
DrawFrameControl
GetWindowTextW
GetSysColorBrush
SetWindowLongW
ChildWindowFromPoint
SetCapture
ReleaseCapture
EnableWindow
SetTimer
KillTimer
SetForegroundWindow
DestroyWindow
SetFocus
GetDlgItemInt
SetDlgItemInt
SetDlgItemTextW
GetScrollInfo
IsWindowEnabled
DrawTextW
SetScrollInfo
GetFocus
DrawFocusRect
ScrollWindowEx
UpdateWindow
DefWindowProcW
BeginPaint
GetDlgItem
MapWindowPoints
FillRect
EndPaint
EndDialog
SetPropW
GetPropW
BeginDeferWindowPos
EnumChildWindows
EndDeferWindowPos
GetClientRect
GetSystemMetrics
UnionRect
GetParent
GetClassNameW
GetWindowLongW
InvalidateRect
DeferWindowPos
GetWindowRect
ScreenToClient
GetSysColor
OffsetRect
GetDC
ReleaseDC
MessageBoxW

gdi32

SetMapMode
StartDocW
StartPage
EndPage
EndDoc
GetObjectW
CreateFontIndirectW
GetStockObject
PolyPolygon
SetTextColor
SetBkColor
SetBkMode
CreateCompatibleBitmap
BitBlt
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteDC
DeleteObject
CreateSolidBrush
GetDeviceCaps

comdlg32

GetOpenFileNameW
GetSaveFileNameW
PrintDlgW

advapi32

RegCloseKey
RegCreateKeyW
RegQueryValueExW
RegSetValueExW

shell32

CommandLineToArgvW
ShellExecuteW

ole32

CreateBindCtx

oleaut32

VariantChangeType
VariantClear
VariantInit
SetErrorInfo
GetErrorInfo
CreateErrorInfo
SysAllocStringByteLen
SysAllocString
SysStringLen
SysFreeString

Sections

.text
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

84e4b934930a4a3de022531392bdce11

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0Certificate

Extended Key Usages

Key Usages

61:01:cf:3e:00:00:00:00:00:0fCertificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2Certificate

Extended Key Usages

Key Usages

61:05:a2:30:00:00:00:00:00:08Certificate

Extended Key Usages

Key Usages

48:4a:a2:5b:b7:a4:dd:04:56:31:a4:6d:8d:ad:ff:fc:4e:10:cb:1dSigner

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 201KB - Virtual size: 201KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 5KB - Virtual size: 1.0MB

.rsrc Size: 318KB - Virtual size: 318KB

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:01:cf:3e:00:00:00:00:00:0f
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

61:05:a2:30:00:00:00:00:00:08
Certificate

48:4a:a2:5b:b7:a4:dd:04:56:31:a4:6d:8d:ad:ff:fc:4e:10:cb:1d
Signer

.text
Size: 201KB - Virtual size: 201KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 5KB - Virtual size: 1.0MB

.rsrc
Size: 318KB - Virtual size: 318KB