322c50877665b0ab5d9380cfda366381

Sharing

Copy URL

Twitter E-mail

General

Target

322c50877665b0ab5d9380cfda366381
Size

106KB
MD5

322c50877665b0ab5d9380cfda366381
SHA1

0889ba6d931166929ca78c5d9d26534173b5a3e9
SHA256

78cd6d8a9cdf4bd13d82dc6548a8c2ad80cb066473a397345b81015e70daaff4
SHA512

101c1be8cd33c66eeb19f65f9342c37103eff31c426f0ad89ec38cbd927275a04340d05f303172051ee2c8d06f761a3bf7dd60e8e6383b07e69a387ca708fbb3
SSDEEP

1536:JRyvehe2FXVzaewjrP+lqHX0vDvTEHqaO:ryveA2p522lqHk77EHqaO

Score

1^/10

Malware Config

Signatures

Files

322c50877665b0ab5d9380cfda366381
.exe windows:5 windows x86 arch:x86

c1a6d41ab9fe2a3e40ca0f2ccf2a35c6

Code Sign

0a:5a:d4:c2:6e:8c:85:4d:be:25:75:f7:a3:47:af:08
Certificate

Issuer

CN=t23 inc

Not Before

14-01-2012 21:04

Not After

31-12-2039 23:59

Subject

CN=t23 inc

Extended Key Usages

ExtKeyUsageCodeSigning

8c:2c:8a:d5:29:9a:61:09:ca:14:41:5e:be:87:75:ea:cb:d6:00:20
Signer

Actual PE Digest

8c:2c:8a:d5:29:9a:61:09:ca:14:41:5e:be:87:75:ea:cb:d6:00:20

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObjectEx
WinExec
WriteConsoleA
WritePrivateProfileSectionW
WriteProcessMemory
WaitForMultipleObjects
_lopen
lstrcmpi
lstrcpynW
VirtualQuery
VerLanguageNameA
UpdateResourceW
UnhandledExceptionFilter
TlsSetValue
TlsFree
TerminateJobObject
SwitchToThread
SwitchToFiber
SetThreadExecutionState
SetProcessShutdownParameters
SetHandleInformation
SetFileAttributesW
SetFileAttributesA
SetErrorMode
SetEndOfFile
SetCurrentDirectoryA
SetConsoleDisplayMode
SetConsoleCursorPosition
SetComputerNameExA
SearchPathA
ScrollConsoleScreenBufferA
ResetWriteWatch
ReadFileEx
ReadConsoleOutputAttribute
ReadConsoleInputW
Process32FirstW
PeekNamedPipe
OpenWaitableTimerA
OpenEventA
MulDiv
MoveFileExW
Module32Next
MapUserPhysicalPagesScatter
IsValidLanguageGroup
IsSystemResumeAutomatic
IsDBCSLeadByte
IsBadReadPtr
InterlockedExchangeAdd
HeapReAlloc
HeapDestroy
GlobalUnfix
GlobalReAlloc
GetVersionExA
GetUserDefaultUILanguage
GetThreadTimes
GetTapeParameters
GetStringTypeW
GetProcessWorkingSetSize
GetPrivateProfileSectionNamesW
GetPrivateProfileIntW
GetMailslotInfo
GetFileInformationByHandle
GetEnvironmentVariableW
GetCurrencyFormatA
GetConsoleOutputCP
GetConsoleCursorInfo
GetConsoleAliasesW
GetCPInfoExW
GetCPInfoExA
GetBinaryType
FormatMessageW
FlushConsoleInputBuffer
FindResourceW
CreateFileW
EnumResourceTypesW
EnumDateFormatsExW
EnumDateFormatsA
DnsHostnameToComputerNameA
DisconnectNamedPipe
DisableThreadLibraryCalls
DeleteCriticalSection
CreateSemaphoreA
CreateMailslotA
CreateJobObjectA
ConvertThreadToFiber
ContinueDebugEvent
ConnectNamedPipe
CancelWaitableTimer
CancelTimerQueueTimer
BuildCommDCBAndTimeoutsA
AllocConsole
AddAtomA
GetStartupInfoA
GetProcAddress
LoadLibraryA
GetProcessHeap
GetWindowsDirectoryW
lstrcatW
WriteProfileStringA

user32

EnumWindowStationsA
EnumDisplaySettingsExW
EnumDisplaySettingsExA
EmptyClipboard
DrawIconEx
DlgDirSelectExW
DlgDirListA
DdeSetQualityOfService
DdeReconnect
DdePostAdvise
DdeInitializeA
DdeClientTransaction
CreateWindowStationW
CreateWindowExA
CreateIcon
CreateCursor
CopyImage
ClipCursor
CharUpperBuffW
CharToOemW
CharToOemA
CharLowerA
ChangeDisplaySettingsA
CallWindowProcW
CallMsgFilter
BringWindowToTop
BlockInput
FillRect
FindWindowA
FindWindowExA
FindWindowW
GetActiveWindow
GetCaretPos
GetClassInfoA
GetCursorPos
GetDC
GetDlgItem
GetKeyboardLayout
GetKeyboardLayoutNameA
GetMenuState
GetMenuStringW
GetPriorityClipboardFormat
GetQueueStatus
GetScrollBarInfo
GetSubMenu
GetTitleBarInfo
GetUpdateRgn
GetWindowInfo
GetWindowModuleFileNameA
GetWindowModuleFileNameW
GetWindowRect
HiliteMenuItem
IMPQueryIMEA
InsertMenuItemA
IntersectRect
InvalidateRgn
IsMenu
LoadIconA
LoadImageA
LoadKeyboardLayoutW
MapWindowPoints
MessageBoxIndirectA
MonitorFromWindow
OpenWindowStationA
PostThreadMessageW
RealGetWindowClassA
RegisterDeviceNotificationW
ReleaseDC
RemovePropA
SetActiveWindow
SetCaretPos
SetClassLongA
SetClassWord
SetDoubleClickTime
SetLayeredWindowAttributes
SetMessageExtraInfo
SetPropA
SetThreadDesktop
SetTimer
SetUserObjectInformationW
WaitForInputIdle
VkKeyScanExW
VkKeyScanExA
UnhookWinEvent
SwitchDesktop
SetWindowsHookExW
SetWindowsHookExA
SetWindowWord
SetWindowTextA
SetUserObjectSecurity

gdi32

ExtCreateRegion
AddFontMemResourceEx
AddFontResourceExW
AddFontResourceW
AnyLinkedFonts
BRUSHOBJ_pvGetRbrush
BeginPath
BitBlt
CopyMetaFileA
CopyMetaFileW
CreateDCA
CreateDIBPatternBrushPt
CreateEllipticRgnIndirect
CreatePalette
EndDoc
EngAlphaBlend
EngCreateBitmap
EngCreateClip
EngCreatePalette
EngDeletePath
EngFindResource
EngLoadModule
EngQueryLocalTime
EngTransparentBlt
EnumEnhMetaFile
ExtTextOutW
FONTOBJ_pxoGetXform
GdiConsoleTextOut
GdiConvertBitmapV5
GdiConvertBrush
GdiConvertRegion
GdiDeleteSpoolFileHandle
GdiEndPageEMF
GdiEntry12
GdiEntry14
GdiEntry15
GdiEntry7
GdiEntry9
GdiGetPageCount
GdiPlayDCScript
GdiPlayJournal
GdiProcessSetup
GdiStartPageEMF
GetBkColor
GetCharABCWidthsA
GetDCBrushColor
GetDCPenColor
GetEUDCTimeStamp
GetEnhMetaFileDescriptionA
GetFontLanguageInfo
GetKerningPairsA
GetLogColorSpaceA
GetObjectA
GetOutlineTextMetricsW
GetTextFaceAliasW
GetTransform
GetViewportExtEx
GetWindowOrgEx
HT_Get8BPPMaskPalette
InvertRgn
MaskBlt
OffsetClipRgn
Pie
PolyDraw
PolylineTo
PtVisible
RectVisible
RemoveFontResourceA
RemoveFontResourceExA
RemoveFontResourceTracking
RestoreDC
ScaleViewportExtEx
SelectClipRgn
SetBrushOrgEx
SetDIBits
SetICMMode
SetMapMode
SetTextColor
SetTextJustification
SetVirtualResolution
SetWinMetaFileBits
SetWorldTransform
StartDocA
StartFormPage
UpdateColors
UpdateICMRegKeyA
UpdateICMRegKeyW
bMakePathNameW
AbortPath

shell32

SHChangeNotify
Shell_NotifyIcon
ShellHookProc
ShellExecuteExA
ShellExecuteEx
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHLoadNonloadedIconOverlayIdentifiers
SHIsFileAvailableOffline
SHInvokePrinterCommandA
SHGetSpecialFolderPathW
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstA
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHAddToRecentDocs
SHAppBarMessage
SHBindToParent
SHBrowseForFolder
SHGetSpecialFolderLocation
SHCreateDirectoryExA
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHFileOperation
SHFileOperationA
SHFileOperationW
SHGetDataFromIDListA
SHGetDiskFreeSpaceExA
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathW
SHGetIconOverlayIndexA
SHGetInstanceExplorer
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSettings
Shell_NotifyIconW

ole32

CoGetTreatAsClass
CoInitialize
CoInitializeEx
CoInitializeWOW
CoRegisterClassObject
CoRegisterMallocSpy
CoRevertToSelf
CoRevokeClassObject
CoTaskMemFree
CoTestCancel
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateGenericComposite
CreateStdProgressIndicator
FmtIdToPropStgName
FreePropVariantArray
GetDocumentBitStg
GetHookInterface
GetRunningObjectTable
HACCEL_UserUnmarshal
HBITMAP_UserSize
HBITMAP_UserUnmarshal
HBRUSH_UserMarshal
HDC_UserMarshal
HENHMETAFILE_UserSize
HGLOBAL_UserFree
HGLOBAL_UserSize
HMENU_UserFree
HMETAFILEPICT_UserFree
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserFree
HPALETTE_UserSize
HWND_UserFree
HkOleRegisterObject
IIDFromString
MonikerCommonPrefixWith
OleConvertIStorageToOLESTREAMEx
OleCreate
OleCreateFromData
OleCreateLinkEx
OleCreateLinkFromDataEx
OleCreateLinkToFileEx
OleCreateMenuDescriptor
OleCreateStaticFromData
OleFlushClipboard
OleGetIconOfFile
OleInitialize
OleInitializeWOW
OleLoadFromStream
OleNoteObjectVisible
OleQueryCreateFromData
OleQueryLinkFromData
OleSetAutoConvert
OleSetClipboard
OleTranslateAccelerator
OleUninitialize
PropStgNameToFmtId
ReadClassStm
ReadFmtUserTypeStg
SNB_UserSize
SNB_UserUnmarshal
STGMEDIUM_UserMarshal
SetDocumentBitStg
StgCreateDocfile
StgGetIFillLockBytesOnFile
StgIsStorageILockBytes
StgOpenAsyncDocfileOnIFillLockBytes
StgOpenPropStg
StgPropertyLengthAsVariant
UpdateDCOMSettings
UtConvertDvtd32toDvtd16
WdtpInterfacePointer_UserSize
WdtpInterfacePointer_UserUnmarshal
WriteClassStg
WriteFmtUserTypeStg
CoGetStandardMarshal
CoGetObject
CoGetCallerTID
CoFileTimeNow
CoCreateInstanceEx
CoBuildVersion
CoAllowSetForegroundWindow
CLSIDFromProgIDEx
CLIPFORMAT_UserUnmarshal
BindMoniker
CoGetPSClsid

shlwapi

StrChrA
StrChrIA
StrChrIW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrRChrIW
StrRChrW
StrRStrIA
StrRStrIW

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1a6d41ab9fe2a3e40ca0f2ccf2a35c6

Code Sign

0a:5a:d4:c2:6e:8c:85:4d:be:25:75:f7:a3:47:af:08Certificate

Extended Key Usages

8c:2c:8a:d5:29:9a:61:09:ca:14:41:5e:be:87:75:ea:cb:d6:00:20Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

shlwapi

Sections

.text Size: 72KB - Virtual size: 71KB

.data Size: 512B - Virtual size: 524B

.rsrc Size: 30KB - Virtual size: 29KB

.reloc Size: 2KB - Virtual size: 2KB

0a:5a:d4:c2:6e:8c:85:4d:be:25:75:f7:a3:47:af:08
Certificate

8c:2c:8a:d5:29:9a:61:09:ca:14:41:5e:be:87:75:ea:cb:d6:00:20
Signer

.text
Size: 72KB - Virtual size: 71KB

.data
Size: 512B - Virtual size: 524B

.rsrc
Size: 30KB - Virtual size: 29KB

.reloc
Size: 2KB - Virtual size: 2KB