06005a920651a2c9451891f5a137de82

Sharing

Copy URL

Twitter E-mail

General

Target

06005a920651a2c9451891f5a137de82
Size

56KB
MD5

06005a920651a2c9451891f5a137de82
SHA1

e5236dc15a8aa028e42d5b409bd50ad704dab309
SHA256

00980dbc97e34c5b7cb0e76de2f3b866af59705673de633cc10ca1268d4fa337
SHA512

5139a70a91fe30ae5eca054f9caaf98700f125b3cad836d904de89937bd651ddebb56f0552ac847257b256926a3ba522d2024a4dc4e0fc10624dc7f154c6fccb
SSDEEP

768:KB8BspJAcsI5iKgfYaP8mIPnNKFLFw4LBT8ssO+wcSDPnGMEad8:KBlFskg1kP4jOGDvlEy8

Score

1^/10

Malware Config

Signatures

Files

06005a920651a2c9451891f5a137de82
.dll windows:5 windows x86 arch:x86

73054a8db131c60c892ce6fde5c03536

Code Sign

37:a4:2c:ff:86:a6:ef:af:4c:0d:60:05:d7:bf:d6:97
Certificate

Issuer

CN=63wyw23

Not Before

10-02-2012 05:45

Not After

31-12-2039 23:59

Subject

CN=63wyw23

Extended Key Usages

ExtKeyUsageCodeSigning

f2:6a:ea:ab:1a:3b:7e:44:7b:cb:3b:e3:64:bf:8d:b6:97:89:d8:78
Signer

Actual PE Digest

f2:6a:ea:ab:1a:3b:7e:44:7b:cb:3b:e3:64:bf:8d:b6:97:89:d8:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatW
GetWindowsDirectoryW
LoadLibraryA
GetProcAddress
GetSystemInfo
VirtualAlloc
CreateFileW

user32

InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRgn
InvertRect
IsCharAlphaW
IsCharUpperA
IsRectEmpty
IsWindowUnicode
KillTimer
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorFromFileW
LoadMenuA
LockSetForegroundWindow
MapVirtualKeyA
MessageBoxExW
MessageBoxIndirectW
ModifyMenuA
MonitorFromPoint
NotifyWinEvent
OffsetRect
OpenDesktopW
PaintDesktop
PostMessageA
PostMessageW
PostThreadMessageA
RealChildWindowFromPoint
RealGetWindowClass
RedrawWindow
RegisterClassA
RegisterClassExA
InflateRect
RegisterClassW
RegisterHotKey
RegisterShellHookWindow
RegisterWindowMessageA
RemoveMenu
ScrollDC
ScrollWindowEx
SendDlgItemMessageW
SendIMEMessageExA
SendMessageCallbackW
SendMessageTimeoutA
SendMessageTimeoutW
SendMessageW
SetCaretPos
SetDlgItemTextA
SetForegroundWindow
SetMenuDefaultItem
SetMenuInfo
SetMenuItemInfoW
SetMessageQueue
SetParent
SetProcessWindowStation
SetScrollInfo
SetThreadDesktop
SetUserObjectInformationW
SetWindowContextHelpId
SetWindowLongA
SetWindowTextA
SetWindowsHookA
SubtractRect
SystemParametersInfoW
TranslateAccelerator
TranslateAcceleratorW
UnregisterDeviceNotification
UpdateWindow
VkKeyScanA
WINNLSGetIMEHotkey
WaitMessage
WinHelpA
wvsprintfA
wvsprintfW
IMPSetIMEW
HiliteMenuItem
HideCaret
GetWindowModuleFileNameA
GetWindowLongA
GetWindowDC
GetUpdateRgn
GetTitleBarInfo
GetSystemMenu
GetScrollInfo
GetPropW
GetPropA
GetParent
GetNextDlgGroupItem
GetMonitorInfoW
GetMessagePos
GetMessageExtraInfo
GetMenuStringA
GetMenuItemID
GetMenuItemCount
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyNameTextW
GetKBCodePage
GetInputState
GetDlgItemTextA
GetCursorPos
GetCursorInfo
GetCursor
GetComboBoxInfo
GetClipboardFormatNameW
GetClipboardData
GetClipCursor
GetClassNameW
GetClassLongA
GetCaretBlinkTime
GetAsyncKeyState
GetAltTabInfoW
GetActiveWindow
FrameRect
ExcludeUpdateRgn
EnumWindowStationsA
EnumDisplaySettingsExW
EnumDisplayDevicesA
EnumDesktopsW
EnumDesktopWindows
EnumChildWindows
EndTask
EnableMenuItem
DrawStateA
DrawIcon
DrawFrameControl
DrawFrame
DragObject
DlgDirListW
DispatchMessageW
DestroyCaret
DefWindowProcW
DdeSetUserHandle
DdeQueryStringW
DdeQueryNextServer
DdePostAdvise
DdeKeepStringHandle
DdeInitializeA
DdeGetData
DdeFreeStringHandle
DdeDisconnectList
DdeCreateStringHandleW
DdeConnect
DdeCmpStringHandles
DdeAbandonTransaction
CreateMenu
CreateIconIndirect
CreateCursor
CreateAcceleratorTableA
CountClipboardFormats
CopyIcon
CopyAcceleratorTableA
CloseWindow
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharUpperA
CharToOemA
CharPrevW
CharLowerBuffW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeDisplaySettingsExA
CascadeWindows
CascadeChildWindows
CallMsgFilterA
BringWindowToTop
BlockInput
AttachThreadInput
AdjustWindowRect
RegisterClassExW

shell32

Shell_NotifyIconW
Shell_NotifyIconA
Shell_NotifyIcon
ShellHookProc
ShellExecuteW
ShellExecuteExW
ShellExecuteExA
ShellExecuteEx
ShellExecuteA
ShellAboutW
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHPathPrepareForWriteA
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHIsFileAvailableOffline
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconA
ExtractIconEx
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHChangeNotify
SHCreateDirectoryExA
SHCreateDirectoryExW
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSettings
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHInvokePrinterCommandA
SHInvokePrinterCommandW
WOWShellExecute

shlwapi

StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrRChrIA
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW
StrStrA
StrStrIA
StrStrIW
StrStrW
StrChrA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73054a8db131c60c892ce6fde5c03536

Code Sign

37:a4:2c:ff:86:a6:ef:af:4c:0d:60:05:d7:bf:d6:97Certificate

Extended Key Usages

f2:6a:ea:ab:1a:3b:7e:44:7b:cb:3b:e3:64:bf:8d:b6:97:89:d8:78Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 516B

.text7 Size: 1024B - Virtual size: 1000B

.text5 Size: 19KB - Virtual size: 19KB

.text6 Size: 2KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 2KB - Virtual size: 2KB

37:a4:2c:ff:86:a6:ef:af:4c:0d:60:05:d7:bf:d6:97
Certificate

f2:6a:ea:ab:1a:3b:7e:44:7b:cb:3b:e3:64:bf:8d:b6:97:89:d8:78
Signer

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 516B

.text7
Size: 1024B - Virtual size: 1000B

.text5
Size: 19KB - Virtual size: 19KB

.text6
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 2KB - Virtual size: 2KB