1c1335e5ba90803f779270597f24e933

Sharing

Copy URL Twitter E-mail

General

Target

1c1335e5ba90803f779270597f24e933
Size

71KB
MD5

1c1335e5ba90803f779270597f24e933
SHA1

2abdab777eff1a175e839979b2cb4351d687f114
SHA256

3e73863915863bf716f4a842e372b1a2fd56d1a5c95faf7296fa591eb7d90939
SHA512

6e635af78b7de35abd4cfa53ca6adc98e5a0ca967fec3641041aee345424036fe9b5d2592dda987061f852e5caf5c8ce3177d1feb790f1ee522dfd284b4667f7
SSDEEP

768:rNCDp+laU9Zd/NFZOvlTbCSbfSB45/JbSq7ZGyUgTzw79SnMxuQp3uqV+YiVL+bW:pDh9j/NFYjyKzRvTE79V+PwARec

Score

1^/10

Malware Config

Signatures

Files

1c1335e5ba90803f779270597f24e933
.exe windows:5 windows x86 arch:x86

27c356765b9ab8092cbb8eb7c6552602

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

Issuer

CN=222222222

Not Before

13/02/2012, 04:39

Not After

31/12/2039, 23:59

Subject

CN=222222222

Extended Key Usages

ExtKeyUsageCodeSigning

90:d8:7f:0f:ce:3d:be:59:65:28:22:b4:75:0f:e0:49:0c:8c:e9:17
Signer

Actual PE Digest

90:d8:7f:0f:ce:3d:be:59:65:28:22:b4:75:0f:e0:49:0c:8c:e9:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetProcAddress
LoadLibraryA
VirtualAlloc
GetWindowsDirectoryW

user32

DdeClientTransaction
DdeConnect
DdeDisconnectList
DdeGetLastError
DdeImpersonateClient
DdeReconnect
DefDlgProcA
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DialogBoxParamA
DlgDirListComboBoxA
DlgDirListW
DrawIconEx
EndTask
EnumClipboardFormats
EnumDesktopsA
EnumDisplaySettingsA
EnumDisplaySettingsExW
EnumDisplaySettingsW
EqualRect
ExcludeUpdateRgn
ExitWindowsEx
FillRect
FindWindowExA
FindWindowW
FlashWindowEx
FrameRect
GetActiveWindow
GetClassInfoExW
GetClassNameA
GetClipCursor
GetDC
GetDCEx
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetFocus
GetGUIThreadInfo
GetIconInfo
GetKeyboardLayout
GetKeyboardLayoutNameW
GetKeyboardType
GetMenuContextHelpId
GetMenuInfo
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMessageExtraInfo
GetMessageTime
GetMessageW
GetNextDlgGroupItem
GetParent
GetQueueStatus
GetScrollBarInfo
GetSystemMenu
DdeAddData
GetUserObjectInformationA
GetWindowLongA
GetWindowModuleFileNameA
GetWindowTextA
GetWindowTextW
IMPSetIMEW
InSendMessageEx
InflateRect
InvalidateRgn
IsCharAlphaNumericW
IsClipboardFormatAvailable
IsDlgButtonChecked
IsRectEmpty
IsWindowEnabled
IsWindowVisible
LoadAcceleratorsA
LoadBitmapW
LoadCursorFromFileA
LoadImageA
LoadKeyboardLayoutW
MapVirtualKeyA
MapVirtualKeyExA
MessageBeep
ModifyMenuA
MonitorFromRect
MsgWaitForMultipleObjects
OpenDesktopA
RealGetWindowClass
RegisterClassA
RegisterClipboardFormatW
RegisterDeviceNotificationW
SendIMEMessageExA
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCaretBlinkTime
SetCaretPos
SetCursor
SetDlgItemTextW
SetLastErrorEx
SetMenu
SetMenuItemBitmaps
SetProcessDefaultLayout
SetProcessWindowStation
SetShellWindow
SetWindowTextA
SetWindowTextW
SetWindowWord
SetWindowsHookExA
ShowOwnedPopups
TabbedTextOutA
ToUnicodeEx
TrackMouseEvent
UnionRect
UnregisterClassW
UnregisterDeviceNotification
WINNLSEnableIME
WINNLSGetEnableStatus
wsprintfW
wvsprintfW
DdeAbandonTransaction
CreateMenu
CreateMDIWindowW
CreateIcon
CreateDialogIndirectParamW
CreateAcceleratorTableW
CountClipboardFormats
CharUpperBuffW
CharToOemW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeDisplaySettingsA
CascadeChildWindows
CallNextHookEx
CallMsgFilterA
CallMsgFilter
BroadcastSystemMessageW
BroadcastSystemMessageA
BeginPaint
AdjustWindowRect
GetSystemMetrics

comdlg32

ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
ChooseColorA

ole32

CLSIDFromProgID
CLSIDFromProgIDEx
CoAllowSetForegroundWindow
CoBuildVersion
CoCreateInstance
CoDisconnectObject
CoFileTimeNow
CoFreeAllLibraries
CoGetCallContext
CoGetCancelObject
CoGetClassObject
CoGetCurrentLogicalThreadId
CoGetCurrentProcess
CoGetMarshalSizeMax
CoGetObject
CoGetObjectContext
CoGetStandardMarshal
CoGetTreatAsClass
CoInitialize
CoInitializeSecurity
CoInitializeWOW
CoMarshalHresult
CoQueryAuthenticationServices
CoRegisterChannelHook
CoRegisterMessageFilter
CoRegisterSurrogate
CoRegisterSurrogateEx
CoReleaseServerProcess
CoRevokeMallocSpy
CoSetProxyBlanket
CoSwitchCallContext
CoTaskMemAlloc
CoTaskMemFree
CoTreatAsClass
CoUnloadingWOW
CoUnmarshalInterface
CreateAntiMoniker
CreateDataCache
CreateGenericComposite
CreateILockBytesOnHGlobal
CreateObjrefMoniker
CreateOleAdviseHolder
CreatePointerMoniker
CreateStdProgressIndicator
FmtIdToPropStgName
FreePropVariantArray
GetConvertStg
GetDocumentBitStg
GetHGlobalFromILockBytes
GetRunningObjectTable
HACCEL_UserMarshal
HACCEL_UserUnmarshal
HBITMAP_UserFree
HBITMAP_UserMarshal
HBRUSH_UserFree
HDC_UserFree
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserSize
HGLOBAL_UserMarshal
HGLOBAL_UserUnmarshal
HICON_UserMarshal
HMENU_UserFree
HMENU_UserMarshal
HMENU_UserSize
HMETAFILE_UserFree
HMETAFILE_UserSize
HMETAFILE_UserUnmarshal
HPALETTE_UserFree
HWND_UserMarshal
OleCreateDefaultHandler
OleCreateEmbeddingHelper
OleCreateFromDataEx
OleCreateLinkEx
OleCreateLinkFromDataEx
OleCreateLinkToFile
OleCreateMenuDescriptor
OleCreateStaticFromData
OleDraw
OleGetIconOfClass
OleInitializeWOW
OleIsRunning
OleMetafilePictFromIconAndLabel
OleNoteObjectVisible
OleQueryCreateFromData
OleQueryLinkFromData
OleRegGetUserType
OleSave
OleSaveToStream
OleSetClipboard
OleUninitialize
OpenOrCreateStream
PropVariantCopy
ReadFmtUserTypeStg
ReadStringStream
RegisterDragDrop
RevokeDragDrop
SNB_UserFree
SNB_UserMarshal
SNB_UserSize
STGMEDIUM_UserFree
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
StgConvertPropertyToVariant
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgCreatePropStg
StgCreateStorageEx
StgGetIFillLockBytesOnFile
StgGetIFillLockBytesOnILockBytes
StgOpenPropStg
StgOpenStorage
StgOpenStorageOnILockBytes
StgPropertyLengthAsVariant
StgSetTimes
StringFromIID
UtConvertDvtd32toDvtd16
UtGetDvtd32Info
WdtpInterfacePointer_UserSize
WriteClassStg
WriteClassStm
WriteOleStg

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27c356765b9ab8092cbb8eb7c6552602

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83Certificate

Extended Key Usages

90:d8:7f:0f:ce:3d:be:59:65:28:22:b4:75:0f:e0:49:0c:8c:e9:17Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 584B

.text6 Size: 2KB - Virtual size: 1KB

.text7 Size: 1024B - Virtual size: 1000B

.text5 Size: 52KB - Virtual size: 51KB

.reloc Size: 2KB - Virtual size: 1KB

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

90:d8:7f:0f:ce:3d:be:59:65:28:22:b4:75:0f:e0:49:0c:8c:e9:17
Signer

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 584B

.text6
Size: 2KB - Virtual size: 1KB

.text7
Size: 1024B - Virtual size: 1000B

.text5
Size: 52KB - Virtual size: 51KB

.reloc
Size: 2KB - Virtual size: 1KB