2cf3b3bd4a47001a0aaf9536a90dea3e

Sharing

Copy URL Twitter E-mail

General

Target

2cf3b3bd4a47001a0aaf9536a90dea3e
Size

323KB
MD5

2cf3b3bd4a47001a0aaf9536a90dea3e
SHA1

78f569222efce768b418e27a8713d020f0c51331
SHA256

a830c6750f5b982405f8de5484797ce8db71d5e06b62209218b184e0f77c00a4
SHA512

36edc6fcae9a1d199263aa6d87fb94e747e453899435e2bdc5f63194a09ee731d0d54c3f1d73f0a771ef4c8877fd3cd361ca0dffbad87237832d36eca5030ce3
SSDEEP

6144:bNurYZTSDk36Kszjb8C1q246zlODFVRv5:bN+YZGDO6v1sxz5

Score

1^/10

Malware Config

Signatures

Files

2cf3b3bd4a47001a0aaf9536a90dea3e
.exe windows:5 windows x86 arch:x86

3c8cbbc388603f06d726cf59e31a2d1a

Code Sign

5d:ee:17:da:6e:09:c9:4f:b1:13:61:4b:03:85:1a:b7
Certificate

Issuer

CN=41254214431555451524135225241342331444412523342353442352212431335351114552215135251243454411514233314425341211421324211323324152355253514534135322115121122312422124313212214333514454255253134323432542413551454224455513323325331434414152251325452144334432212432331433545213151133424353443111211515241351511143151323412313412514214242441411532154355343341311245333541522223434331545555325434352134111544513322123131525423341343113123242542435223544332543153443343233145212323245334213342111441122512454353212252113513224344314435521143114112455114313555321421343444553552423253541312325342415254324335254234225521114135411512124324155154115345242324433333344143233222152112551431221451555514512225113452431413135533413232411414213114331244545252312514412441125325221245151114141122341522133225224215232112145411232335232152452344322513341542344223253331131242343411555221441421441524133114153113335443534421445135514513155533114114234212231434222312451521241424133431452323434335212142443153314242213143512522231423225135152245553254415144134453414334312445141252414323444324534421555241224534544245445531455452541214333143355415114533414222445451142233334424143145423112153524533353135333212354533241541412524144234114115555432311114345411155243453135412512351552321523354332524154442551443522123214112541144442232252131343523455254314444215131222142231121152541111214455142214324135451554311534351423244322125114331512415313351131241334125213321113311512251522213335543525551123331455142532241251154253225533425441451352233411555345413553125141512152213231225312424213255114444432215553225541512352454533255331544143113513222131554132242133115343515131543223115554225241411434431312135331535132221451451451345223143443255552135441335241545254552322431412125211554244515533121335254552432313451445132343442453525551131231241232343212511114545342453512521423243323515115342215433432233551441431311242253114212334353221123431254525212255145333444344441312553353513552334534525325114351344552244123332235453444453325132124315313321435153153232541554353511515435321213332125234115455413235224211131552115311444124351353451111525533212525133532421234544244154441351322324121342415331521321443333434331341351525454333441123445412124522415432315135235215142523535111214212141111544354125122151234521321353534255541413213414223553544455525342545114245514315131553221211242445431354151321153312311121314442545322424255425131452234211213155441541425534144551332232352443554232335554323313423432532135513231334151553234223343132221411554211531354515225333214311422333222213325444313331552412152115343244535434145435251232534451355232152444112432225143423331335251511243413142222321435255333125555143314541232514554313313115125432555551251524313255153311321542443244551543111325253255514133533225125125452421124121242422133442253541343344424124455352235513113214541523322545122421415354211423314313132112553232321514355442531352143115513555442312424411451424544233313515223143455412441433411315331553125245125141512241213422514331523421554434453514141413422433142135141222242141431135114241342554212313214325525244215215543112553433345534354442454425121135444313555255521122152551221144333312125511453245541243152234234254215445252422244325525412151241123551525234415111225555154551544513513253444435344454421213555142312251525513431524314252415151122314334153153434143335244314451343313315532145421332421522533522145415141125125513154433321543432412454213554114114154324513535355551224213523135242115213312233522114354134313413253331314523134155425154252134125341122251345114341545131535243522142452155345552232322353435343321124435523213314112122154121123311543242345142155521131243543513511412514333113234245225441312132423345411312531453512111554315522445233541212154441512424325312131544441431533333342234545312154545113153142221545451125545232553111234425551251445543312145254122421231552312545251214412432522335455232452254542214535525113413121424123225412421541552233252534315554241444533223145415112354421133221215243325423324313411253453153342353445125353554442244223514524235554121115534222153442231512222523255234353551313434152144233321112242254442244153251123155254153253155251224441222351521314323423431343522123343251124554524415115554253455412455234124532125513421255425414353141551134523443234345512211315415231215511523455235113455412233123253115251215552313545142511342535132451534124541312423213115242142455552514153145121133114424341214252543113452532511212531312133135153131415144255331152125441242254311354354243255142431125535422455523313212224143333525255431134255153224324524311444313224144352124111454523541431113443421121455352521242435431232525341342444145113351444531452343115333353135114135423553121435154413442152515352332234325242141131455152511132344333125445454413415524343554412422312522432411533422451254515544122345134441115533531151253325132435531534445131533323442515232334312414524423452223451344431434441244142144254153343254521432331552442315414241353232553523554545111

Not Before

22/11/2012, 06:11

Not After

31/12/2039, 23:59

Subject

CN=41254214431555451524135225241342331444412523342353442352212431335351114552215135251243454411514233314425341211421324211323324152355253514534135322115121122312422124313212214333514454255253134323432542413551454224455513323325331434414152251325452144334432212432331433545213151133424353443111211515241351511143151323412313412514214242441411532154355343341311245333541522223434331545555325434352134111544513322123131525423341343113123242542435223544332543153443343233145212323245334213342111441122512454353212252113513224344314435521143114112455114313555321421343444553552423253541312325342415254324335254234225521114135411512124324155154115345242324433333344143233222152112551431221451555514512225113452431413135533413232411414213114331244545252312514412441125325221245151114141122341522133225224215232112145411232335232152452344322513341542344223253331131242343411555221441421441524133114153113335443534421445135514513155533114114234212231434222312451521241424133431452323434335212142443153314242213143512522231423225135152245553254415144134453414334312445141252414323444324534421555241224534544245445531455452541214333143355415114533414222445451142233334424143145423112153524533353135333212354533241541412524144234114115555432311114345411155243453135412512351552321523354332524154442551443522123214112541144442232252131343523455254314444215131222142231121152541111214455142214324135451554311534351423244322125114331512415313351131241334125213321113311512251522213335543525551123331455142532241251154253225533425441451352233411555345413553125141512152213231225312424213255114444432215553225541512352454533255331544143113513222131554132242133115343515131543223115554225241411434431312135331535132221451451451345223143443255552135441335241545254552322431412125211554244515533121335254552432313451445132343442453525551131231241232343212511114545342453512521423243323515115342215433432233551441431311242253114212334353221123431254525212255145333444344441312553353513552334534525325114351344552244123332235453444453325132124315313321435153153232541554353511515435321213332125234115455413235224211131552115311444124351353451111525533212525133532421234544244154441351322324121342415331521321443333434331341351525454333441123445412124522415432315135235215142523535111214212141111544354125122151234521321353534255541413213414223553544455525342545114245514315131553221211242445431354151321153312311121314442545322424255425131452234211213155441541425534144551332232352443554232335554323313423432532135513231334151553234223343132221411554211531354515225333214311422333222213325444313331552412152115343244535434145435251232534451355232152444112432225143423331335251511243413142222321435255333125555143314541232514554313313115125432555551251524313255153311321542443244551543111325253255514133533225125125452421124121242422133442253541343344424124455352235513113214541523322545122421415354211423314313132112553232321514355442531352143115513555442312424411451424544233313515223143455412441433411315331553125245125141512241213422514331523421554434453514141413422433142135141222242141431135114241342554212313214325525244215215543112553433345534354442454425121135444313555255521122152551221144333312125511453245541243152234234254215445252422244325525412151241123551525234415111225555154551544513513253444435344454421213555142312251525513431524314252415151122314334153153434143335244314451343313315532145421332421522533522145415141125125513154433321543432412454213554114114154324513535355551224213523135242115213312233522114354134313413253331314523134155425154252134125341122251345114341545131535243522142452155345552232322353435343321124435523213314112122154121123311543242345142155521131243543513511412514333113234245225441312132423345411312531453512111554315522445233541212154441512424325312131544441431533333342234545312154545113153142221545451125545232553111234425551251445543312145254122421231552312545251214412432522335455232452254542214535525113413121424123225412421541552233252534315554241444533223145415112354421133221215243325423324313411253453153342353445125353554442244223514524235554121115534222153442231512222523255234353551313434152144233321112242254442244153251123155254153253155251224441222351521314323423431343522123343251124554524415115554253455412455234124532125513421255425414353141551134523443234345512211315415231215511523455235113455412233123253115251215552313545142511342535132451534124541312423213115242142455552514153145121133114424341214252543113452532511212531312133135153131415144255331152125441242254311354354243255142431125535422455523313212224143333525255431134255153224324524311444313224144352124111454523541431113443421121455352521242435431232525341342444145113351444531452343115333353135114135423553121435154413442152515352332234325242141131455152511132344333125445454413415524343554412422312522432411533422451254515544122345134441115533531151253325132435531534445131533323442515232334312414524423452223451344431434441244142144254153343254521432331552442315414241353232553523554545111

Extended Key Usages

ExtKeyUsageCodeSigning

04:ce:18:be:cb:eb:ac:b4:b2:37:e7:8e:29:c4:c5:d0:c5:6e:d6:05
Signer

Actual PE Digest

04:ce:18:be:cb:eb:ac:b4:b2:37:e7:8e:29:c4:c5:d0:c5:6e:d6:05

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
DebugBreak
DeleteFileA
DeviceIoControl
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetModuleFileNameA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
CreateFileMappingA
IsDBCSLeadByte
LoadLibraryExA
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OpenProcess
QueryPerformanceCounter
ReadFile
SetCommTimeouts
SetCurrentDirectoryA
SetErrorMode
SetFileAttributesA
SetFilePointer
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
WaitForMultipleObjects
WideCharToMultiByte
lstrcpynA
lstrlenW
CloseHandle
GetSystemDirectoryA
lstrcatA
CreateFileA
GetTickCount
VirtualAllocEx

user32

SetClipboardViewer
SendMessageA
InvalidateRect
BeginPaint
GetClientRect
DefWindowProcA

gdi32

GetDeviceCaps
AddFontResourceA
CreateFontIndirectA

advapi32

RegOpenKeyExW

msvcrt

memcpy

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3c8cbbc388603f06d726cf59e31a2d1a

Code Sign

5d:ee:17:da:6e:09:c9:4f:b1:13:61:4b:03:85:1a:b7Certificate

Extended Key Usages

04:ce:18:be:cb:eb:ac:b4:b2:37:e7:8e:29:c4:c5:d0:c5:6e:d6:05Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 256KB - Virtual size: 255KB

.text3 Size: 29KB - Virtual size: 29KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

5d:ee:17:da:6e:09:c9:4f:b1:13:61:4b:03:85:1a:b7
Certificate

04:ce:18:be:cb:eb:ac:b4:b2:37:e7:8e:29:c4:c5:d0:c5:6e:d6:05
Signer

.text
Size: 256KB - Virtual size: 255KB

.text3
Size: 29KB - Virtual size: 29KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB