aa022ed8c385acd761375cf3ef9135b76956604894fe18425868d7fe10c10d10

Sharing

Copy URL Twitter E-mail

General

Target

aa022ed8c385acd761375cf3ef9135b76956604894fe18425868d7fe10c10d10
Size

3.4MB
MD5

8fdeefbf0d0aa8e538ac19a594582b76
SHA1

933c05d05e9c12cef5a438dd0b38b5c4a4cb1174
SHA256

aa022ed8c385acd761375cf3ef9135b76956604894fe18425868d7fe10c10d10
SHA512

6a3d2fa4eb0001f0344ff1eaa23a0ebfb0e82c7ba4d2e95a75920982f63b96f2454259086cb8e3678bf200ef3645a25a0bcc782235fe6a906296e8dd88feece7
SSDEEP

49152:qgmSt4GVs/sMS86r4J16RnEG0zT7p9OE7trRVv6z3RWZx7u7u6xh:qght4GksNRrZnEGojVnMRWZ1u7uc

Score

1^/10

Malware Config

Signatures

Files

aa022ed8c385acd761375cf3ef9135b76956604894fe18425868d7fe10c10d10
.exe windows:5 windows x86 arch:x86

8e23f76e8a39c1ab7b22c39429578897

Code Sign

06:cd:53:28:49:6e:09:da:53:27:ba:46:57:d0:9f:15
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/07/2013, 00:00

Not After

17/09/2016, 23:59

Subject

CN=fufu��,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=fufu��,L=Mongkok,ST=Kowloon,C=HK

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ef:e7:74:b1:23:af:00:c5:b9:0f:4c:78:cf:dd:05:d8:4b:83:fa:85
Signer

Actual PE Digest

ef:e7:74:b1:23:af:00:c5:b9:0f:4c:78:cf:dd:05:d8:4b:83:fa:85

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
Process32First
GetCurrentThread
ReadFile
CreateDirectoryA
CreateFileA
LoadLibraryA
Process32Next
CreateToolhelp32Snapshot
CloseHandle
DeleteFileA
SetFilePointer
GetThreadContext
ExitProcess
GetProcAddress
Sleep
OpenEventA
FileTimeToLocalFileTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SystemTimeToFileTime
SetFileTime
SetEnvironmentVariableA
GetProcessHeap
CreateFileW
GetTimeZoneInformation
EnumSystemLocalesA
IsValidLocale
CompareStringW
LCMapStringW
GetStringTypeW
GetEnvironmentStringsW
FreeEnvironmentStringsW
QueryPerformanceCounter
GetLocaleInfoW
GetConsoleMode
GetConsoleCP
HeapCreate
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
HeapAlloc
IsProcessorFeaturePresent
SetHandleCount
IsValidCodePage
SetStdHandle
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
GetSystemTimeAsFileTime
ExitThread
CreateThread
VirtualQuery
GetSystemInfo
VirtualAlloc
RaiseException
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
IsBadReadPtr
HeapValidate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DecodePointer
EncodePointer
InitializeCriticalSectionAndSpinCount
SearchPathA
GetFileAttributesExA
GetFileSizeEx
GetUserDefaultLCID
GetFileTime
FindResourceExW
GetTempPathA
GetTempFileNameA
GetNumberFormatA
GetWindowsDirectoryA
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
GetHandleInformation
FileTimeToSystemTime
GetProfileIntA
VirtualProtect
lstrcpyA
GetACP
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
GetOEMCP
GetCPInfo
GlobalFlags
GetAtomNameA
SetErrorMode
InterlockedDecrement
GetModuleFileNameW
ReleaseActCtx
CreateActCtxW
GetTickCount
SetEvent
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
InterlockedExchange
GetModuleHandleW
lstrcmpA
GetLocaleInfoA
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetModuleFileNameA
MulDiv
lstrlenW
CopyFileA
GlobalSize
GlobalAlloc
FormatMessageA
LocalFree
GlobalFree
ResumeThread
SetThreadPriority
GlobalLock
GlobalUnlock
GetCurrentProcessId
lstrlenA
WideCharToMultiByte
SizeofResource
FindResourceW
CompareStringA
LoadLibraryW
MultiByteToWideChar
GetVersionExA
FindResourceA
LoadResource
LockResource
FreeResource
lstrcmpW
FreeLibrary
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
ActivateActCtx
GetLastError
DeactivateActCtx
SetLastError
LocalFileTimeToFileTime
GetCurrentDirectoryA
GetFileAttributesA
WriteFile
WaitForSingleObject

user32

WindowFromPoint
SetParent
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
SetCapture
KillTimer
SetTimer
EnableScrollBar
RedrawWindow
LockWindowUpdate
ShowOwnedPopups
IsWindowVisible
ValidateRect
InvalidateRect
GetUpdateRect
UpdateWindow
GetWindowDC
EndPaint
BeginPaint
ClientToScreen
GetWindowRgn
SetWindowRgn
IsIconic
GetSystemMenu
DrawMenuBar
MoveWindow
SetWindowTextA
IsDialogMessageA
CheckDlgButton
MapDialogRect
LoadImageA
DestroyIcon
GetLastActivePopup
BringWindowToTop
UnpackDDElParam
ReuseDDElParam
DestroyMenu
GetWindowThreadProcessId
GetActiveWindow
ShowWindow
GetDesktopWindow
IsWindowEnabled
EnableWindow
SetCursor
PostMessageA
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
ReleaseDC
SetRectEmpty
IsZoomed
GetSystemMetrics
GetMenuCheckMarkDimensions
RegisterWindowMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
LoadIconW
LoadIconA
SendDlgItemMessageA
MonitorFromWindow
GetMonitorInfoA
GetClientRect
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
EqualRect
PostQuitMessage
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetWindowRect
GetScrollInfo
SetScrollInfo
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetParent
GetWindow
GetCapture
WinHelpA
TrackPopupMenu
SetWindowPlacement
GetWindowPlacement
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetKeyState
DestroyWindow
SendMessageA
GetDlgCtrlID
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
SetMenu
GetMenu
GetMessageTime
GetMessagePos
IsWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
LoadMenuW
LoadMenuA
SetMenuItemBitmaps
TranslateMessage
GetMessageA
GetCursorPos
RegisterClipboardFormatA
RemoveMenu
ModifyMenuA
GetDC
wsprintfA
InsertMenuItemA
InsertMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuStringA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
AppendMenuA
DeleteMenu
IsMenu
OpenClipboard
HideCaret
SetForegroundWindow
GetForegroundWindow
NotifyWinEvent
CreatePopupMenu
CreateMenu
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DrawFocusRect
DrawFrameControl
DrawEdge
PostThreadMessageA
LoadCursorA
LoadCursorW
CreateDialogIndirectParamA
GetFocus
EndDialog
SubtractRect
UnionRect
IntersectRect
InflateRect
SetRect
GetSysColorBrush
LoadBitmapW
FillRect
FrameRect
InvertRect
DrawIcon
DrawStateA
GetKeyNameTextA
MapVirtualKeyA
SystemParametersInfoA
GetClipboardFormatNameA
RealChildWindowFromPoint
EnumDisplayMonitors
SetLayeredWindowAttributes
GetAsyncKeyState
LoadAcceleratorsW
CharUpperA
CopyAcceleratorTableA
MessageBeep
UnregisterClassA
GetIconInfo
CopyImage
DrawIconEx
DestroyAcceleratorTable
CreateAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
SetCursorPos
SetClassLongA
IsCharLowerA
MapVirtualKeyExA
MonitorFromPoint
UpdateLayeredWindow
OffsetRect
WaitMessage
DestroyCursor
GetDoubleClickTime
IsClipboardFormatAvailable
DefMDIChildProcA
TranslateMDISysAccel
DefFrameProcA
CharUpperBuffA
IsRectEmpty
CopyIcon
PtInRect
EmptyClipboard
CloseClipboard
SetClipboardData
DeferWindowPos
LoadImageW

gdi32

CreateFontIndirectA
CreateBitmap
CreateCompatibleBitmap
CreatePalette
GetPaletteEntries
SetPaletteEntries
GetNearestPaletteIndex
CreateRectRgn
CreateRectRgnIndirect
CreateEllipticRgn
CreatePolygonRgn
CreateRoundRectRgn
SetRectRgn
CombineRgn
OffsetRgn
GetRgnBox
PtInRegion
CreateDCA
CreateCompatibleDC
GetDeviceCaps
SelectObject
RealizePalette
GetBkColor
GetTextColor
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
PtVisible
RectVisible
Polyline
Ellipse
Polygon
Rectangle
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
ExtFloodFill
TextOutA
ExtTextOutA
GetTextExtentPoint32A
GetTextFaceA
GetTextMetricsA
Escape
GetBoundsRect
SetPixelV
SetTextColor
SetBkColor
DeleteDC
DeleteObject
CopyMetaFileA
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
MoveToEx
LineTo
SetTextAlign
CreatePatternBrush
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
GetStockObject
GetObjectA
GetLayout
SetLayout
ExtSelectClipRgn
EnumFontFamiliesA
EnumFontsW
SetDIBColorTable
EnumFontFamiliesExA
CreateDIBSection
GetSystemPaletteEntries
CreateDIBitmap
GetTextCharsetInfo

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

OpenThreadToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegQueryValueA
RegEnumKeyA
RegEnumValueA
RegEnumKeyExA
SetThreadToken
RevertToSelf

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
SHAppBarMessage
SHBrowseForFolderA
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetDesktopFolder

comctl32

ImageList_GetIconSize

shlwapi

PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
PathIsDirectoryA
PathStripToRootA

ole32

OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
DoDragDrop
CreateStreamOnHGlobal
IsAccelerator
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
RegisterDragDrop
OleGetClipboard
OleDuplicateData
CoTaskMemFree
OleLockRunning
CoLockObjectExternal
RevokeDragDrop
CoCreateGuid
ReleaseStgMedium
CoTaskMemAlloc
StringFromCLSID

oleaut32

SysStringLen
VarBstrFromDate
SysAllocString
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

gdiplus

GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdipGetImageGraphicsContext
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdipCreateBitmapFromStreamICM

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

winmm

PlaySoundA

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 383KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 651KB - Virtual size: 682KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e23f76e8a39c1ab7b22c39429578897

Code Sign

06:cd:53:28:49:6e:09:da:53:27:ba:46:57:d0:9f:15Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

ef:e7:74:b1:23:af:00:c5:b9:0f:4c:78:cf:dd:05:d8:4b:83:fa:85Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oleacc

gdiplus

imm32

winmm

Sections

.text Size: 2.2MB - Virtual size: 2.2MB

.rdata Size: 383KB - Virtual size: 383KB

.data Size: 651KB - Virtual size: 682KB

.rsrc Size: 15KB - Virtual size: 14KB

.reloc Size: 231KB - Virtual size: 230KB

06:cd:53:28:49:6e:09:da:53:27:ba:46:57:d0:9f:15
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

ef:e7:74:b1:23:af:00:c5:b9:0f:4c:78:cf:dd:05:d8:4b:83:fa:85
Signer

.text
Size: 2.2MB - Virtual size: 2.2MB

.rdata
Size: 383KB - Virtual size: 383KB

.data
Size: 651KB - Virtual size: 682KB

.rsrc
Size: 15KB - Virtual size: 14KB

.reloc
Size: 231KB - Virtual size: 230KB