434286c2ab0c6e750cb6a3f2676300c3

Sharing

Copy URL Twitter E-mail

General

Target

434286c2ab0c6e750cb6a3f2676300c3
Size

118KB
MD5

434286c2ab0c6e750cb6a3f2676300c3
SHA1

4438ef3d6ac2c921af880a0c0ccdc3fc689c64be
SHA256

37294f893deb33f2d5e08b719cc07fcfad3ebcb7138dc76a4329617a53516fff
SHA512

d220dbff80c5d4681ee5d16bb546c831dfc0574cf44e30cb872edb573cc30c1e3dcb8054bbbda236276369cc4be3a9dea29492f2a14dd1d1605bea54751fc6ca
SSDEEP

1536:+qM9UqVfxeUwxi5s/SxN/AbdonWR5FX9BbikbPExSu/MNQfSr71xLpsxBQy:+qM9UqTe9asaxN2LXjbikbwf2nbwBQ

Score

1^/10

Malware Config

Signatures

Files

434286c2ab0c6e750cb6a3f2676300c3
.exe windows:5 windows x86 arch:x86

99c41407424390e152ec9c7cd0696c1d

Code Sign

0b:98:7f:be:4f:8c:1c:ac:4f:91:e6:16:6b:30:f0:df
Certificate

Issuer

CN=we4ty6w46324

Not Before

27/01/2012, 14:14

Not After

31/12/2039, 23:59

Subject

CN=we4ty6w46324

Extended Key Usages

ExtKeyUsageCodeSigning

57:46:f4:f6:4c:27:1c:a4:eb:76:5e:22:2f:2d:ba:da:fe:a3:db:9f
Signer

Actual PE Digest

57:46:f4:f6:4c:27:1c:a4:eb:76:5e:22:2f:2d:ba:da:fe:a3:db:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasA
GetConsoleAliasesLengthA
GetConsoleFontSize
GetCurrentProcess
GetDateFormatA
GetDateFormatW
GetDefaultCommConfigW
GetExitCodeProcess
GetFileTime
GetLargestConsoleWindowSize
GetLastError
GetLongPathNameW
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileStructA
GetProcessHeap
GetProcessHeaps
GetProfileIntW
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoA
GetSystemDefaultUILanguage
GetSystemDirectoryW
GetTimeFormatA
GetVersion
GlobalAlloc
GlobalFindAtomW
HeapCreate
IsBadHugeWritePtr
LoadLibraryExW
LockFile
MapUserPhysicalPages
MapViewOfFile
MoveFileA
MoveFileExA
MoveFileWithProgressW
OpenMutexA
GetCalendarInfoA
FreeEnvironmentStringsA
OutputDebugStringA
PeekConsoleInputA
Process32First
Process32FirstW
QueryPerformanceFrequency
QueueUserWorkItem
ReadConsoleInputA
ReadConsoleOutputA
ReadConsoleOutputCharacterW
RtlUnwind
ScrollConsoleScreenBufferA
SetCommTimeouts
SetComputerNameW
SetConsoleMode
SetEnvironmentVariableW
SetFileApisToANSI
SetFileApisToOEM
SetFilePointerEx
SetLocaleInfoA
SetWaitableTimer
SystemTimeToTzSpecificLocalTime
TerminateJobObject
TryEnterCriticalSection
UpdateResourceW
VerLanguageNameA
VirtualAllocEx
VirtualLock
VirtualQueryEx
WaitForDebugEvent
WideCharToMultiByte
WriteConsoleA
WriteFileGather
_lopen
lstrcat
lstrcmp
lstrcmpiA
OpenProcess
GetACP
FormatMessageA
VirtualAlloc
FillConsoleOutputCharacterW
FileTimeToSystemTime
ExitThread
EscapeCommFunction
DosDateTimeToFileTime
DeviceIoControl
DeleteFileW
DebugActiveProcess
CreateTimerQueueTimer
CreateThread
CreateProcessW
CreatePipe
CreateMutexA
CreateEventA
CallNamedPipeW
BackupRead
AddAtomA
LoadLibraryW
GetProcAddress
LoadLibraryA
ExitProcess
OpenSemaphoreW

gdi32

GetStockObject

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorA
ChooseColorW

advapi32

RegOpenKeyExW

shlwapi

AssocQueryKeyW
AssocQueryStringA
ChrCmpIA
PathAddExtensionW
PathAppendA
PathBuildRootW
PathCommonPrefixA
PathCommonPrefixW
PathCompactPathExA
PathFindFileNameW
PathGetCharTypeW
PathGetDriveNumberW
PathIsFileSpecA
PathIsFileSpecW
PathIsLFNFileSpecA
PathIsRootW
PathIsSameRootA
PathIsSystemFolderW
PathIsUNCServerW
PathMakePrettyA
PathMatchSpecA
PathParseIconLocationA
PathQuoteSpacesA
PathRelativePathToA
PathRemoveArgsW
PathRemoveExtensionW
PathRenameExtensionA
PathSearchAndQualifyA
PathSetDlgItemPathW
PathSkipRootA
PathStripToRootA
PathStripToRootW
PathUnExpandEnvStringsW
PathUndecorateA
PathUnmakeSystemFolderA
PathUnmakeSystemFolderW
SHCopyKeyA
ord16
SHDeleteEmptyKeyA
SHDeleteKeyW
SHDeleteValueA
SHEnumKeyExA
SHGetInverseCMAP
SHGetValueA
SHOpenRegStream2A
SHQueryInfoKeyW
SHRegCloseUSKey
SHRegDuplicateHKey
SHRegEnumUSKeyW
SHRegEnumUSValueW
SHRegGetBoolUSValueW
SHRegGetUSValueA
SHRegOpenUSKeyA
SHRegOpenUSKeyW
SHRegSetPathA
SHRegSetPathW
SHStrDupW
StrCSpnIW
StrChrIW
StrCmpIW
StrCmpNIA
StrCpyNW
StrCpyW
StrFormatKBSizeA
StrNCatW
StrPBrkW
StrRChrW
StrSpnA
StrSpnW
StrStrIW
StrToIntA
StrTrimW
UrlCanonicalizeW
UrlCompareA
UrlCreateFromPathA
UrlGetPartA
UrlHashW
UrlIsNoHistoryW
UrlIsOpaqueW
wnsprintfW
wvnsprintfA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ttt
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

99c41407424390e152ec9c7cd0696c1d

Code Sign

0b:98:7f:be:4f:8c:1c:ac:4f:91:e6:16:6b:30:f0:dfCertificate

Extended Key Usages

57:46:f4:f6:4c:27:1c:a4:eb:76:5e:22:2f:2d:ba:da:fe:a3:db:9fSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

comdlg32

advapi32

shlwapi

Sections

.text Size: 7KB - Virtual size: 7KB

.ttt Size: 104KB - Virtual size: 104KB

.data Size: 512B - Virtual size: 180B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 261KB

0b:98:7f:be:4f:8c:1c:ac:4f:91:e6:16:6b:30:f0:df
Certificate

57:46:f4:f6:4c:27:1c:a4:eb:76:5e:22:2f:2d:ba:da:fe:a3:db:9f
Signer

.text
Size: 7KB - Virtual size: 7KB

.ttt
Size: 104KB - Virtual size: 104KB

.data
Size: 512B - Virtual size: 180B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 261KB