2a257ab058199b8fb04b7b1d23841625

Sharing

Copy URL Twitter E-mail

General

Target

2a257ab058199b8fb04b7b1d23841625
Size

353KB
MD5

2a257ab058199b8fb04b7b1d23841625
SHA1

e0035f4742edc5567d871d69e092851760906287
SHA256

3e40e7e0ac45ff67e3a3b30643399496b09c981dcada05f5f990b20e4814d41f
SHA512

ac390c3e9618e413be4020f05d50e52a0e4e91325b2a9bd8f759924ac3af145a91443826a521b5a57b919020fa23ff37afd03b0035373db877c1a2d9ad3c8127
SSDEEP

6144:vqzQ9Syr2I6j3ZNp0H8vIz3YX5Sze2wpchpkUJ1HzBh4kHIh:/SK6jzQTKk9h1HzAh

Score

1^/10

Malware Config

Signatures

Files

2a257ab058199b8fb04b7b1d23841625
.exe windows:4 windows x86 arch:x86

4c03290f09e49ab4595996c19e1c6c08

Code Sign

53:a8:13:b0:88:80:82:ab:46:63:12:3b:1e:73:8b:38
Certificate

Issuer

CN=fbDs

Not Before

19/06/2012, 05:12

Not After

31/12/2039, 23:59

Subject

CN=fbDs

Extended Key Usages

ExtKeyUsageCodeSigning

e2:34:74:bf:c7:bf:cb:88:86:ee:01:5f:e9:3d:72:71:b9:a0:b5:af
Signer

Actual PE Digest

e2:34:74:bf:c7:bf:cb:88:86:ee:01:5f:e9:3d:72:71:b9:a0:b5:af

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
LoadLibraryA
GetCommandLineA
CloseHandle
GetWindowsDirectoryW
GetModuleHandleA
GetProcAddress
lstrcatW
CreateFileW
VirtualAllocEx

user32

LoadIconA
LoadCursorA

advapi32

RegCloseKey
RegOpenKeyW

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data13
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data12
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data11
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data10
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data9
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data8
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data7
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data6
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data5
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data4
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c03290f09e49ab4595996c19e1c6c08

Code Sign

53:a8:13:b0:88:80:82:ab:46:63:12:3b:1e:73:8b:38Certificate

Extended Key Usages

e2:34:74:bf:c7:bf:cb:88:86:ee:01:5f:e9:3d:72:71:b9:a0:b5:afSigner

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 303KB - Virtual size: 302KB

.data13 Size: 512B - Virtual size: 100B

.data12 Size: 512B - Virtual size: 100B

.data11 Size: 512B - Virtual size: 100B

.data10 Size: 512B - Virtual size: 100B

.data9 Size: 512B - Virtual size: 100B

.data8 Size: 512B - Virtual size: 100B

.data7 Size: 512B - Virtual size: 100B

.data6 Size: 512B - Virtual size: 100B

.data5 Size: 512B - Virtual size: 100B

.data4 Size: 512B - Virtual size: 100B

.data3 Size: 512B - Virtual size: 100B

.data2 Size: 512B - Virtual size: 100B

.reloc Size: 512B - Virtual size: 212B

53:a8:13:b0:88:80:82:ab:46:63:12:3b:1e:73:8b:38
Certificate

e2:34:74:bf:c7:bf:cb:88:86:ee:01:5f:e9:3d:72:71:b9:a0:b5:af
Signer

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 303KB - Virtual size: 302KB

.data13
Size: 512B - Virtual size: 100B

.data12
Size: 512B - Virtual size: 100B

.data11
Size: 512B - Virtual size: 100B

.data10
Size: 512B - Virtual size: 100B

.data9
Size: 512B - Virtual size: 100B

.data8
Size: 512B - Virtual size: 100B

.data7
Size: 512B - Virtual size: 100B

.data6
Size: 512B - Virtual size: 100B

.data5
Size: 512B - Virtual size: 100B

.data4
Size: 512B - Virtual size: 100B

.data3
Size: 512B - Virtual size: 100B

.data2
Size: 512B - Virtual size: 100B

.reloc
Size: 512B - Virtual size: 212B