69852803398ab7bbf2c427f9465aecc3

Sharing

Copy URL

Twitter E-mail

General

Target

69852803398ab7bbf2c427f9465aecc3
Size

223KB
MD5

69852803398ab7bbf2c427f9465aecc3
SHA1

1457434e5a9a5e289e05ed63b8c6462cf7745ec3
SHA256

5f9ae9be564f5375edd037c7a8b3e5f8eaf77e0bfc317671d7c8e23d98751752
SHA512

4cfa83e6e11cfbe2216f250103b06665a38bf6305184cd0a9c66f369d142c213d66f24dbe56f61fb681c251c108540788500a733a9485881f7daca2d20719ca3
SSDEEP

6144:j+D+fiUq6hcMEx3yzqqDLuvqqDLuiqqDLulqqDLuXqqDLuEYOJZQ1iyxJu:j+D+fjh/MyuqnuyqnuXqnuIqnu6qnu2

Score

1^/10

Malware Config

Signatures

Files

69852803398ab7bbf2c427f9465aecc3
.exe windows:4 windows x86 arch:x86

4ad4cfd7568c09c337521fea8eec6a05

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:31:05:6f:a2:a9:ee:8a:5e:94:54:b5:37:d3:61:00
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

05-09-2006 00:00

Not After

22-11-2009 23:59

Subject

CN=NET TRANSMIT & RECEIVE\, S.L.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Quality department,O=NET TRANSMIT & RECEIVE\, S.L.,L=Barcelona,ST=Barcelona,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
GetVolumeInformationA
GetCurrentProcess
GetCurrentProcessId
CreateMutexA
GetTempPathA
GetFileAttributesA
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
lstrcpynA
SetCurrentDirectoryA
GetModuleHandleA
ReadFile
GetVersion
SetFilePointer
FindResourceA
LoadResource
LockResource
SizeofResource
WriteFile
Sleep
lstrlenW
WideCharToMultiByte
GetModuleFileNameA
SetLastError
lstrlenA
InitializeCriticalSection
MultiByteToWideChar
GetCurrentDirectoryA
CreateFileA
SetFileAttributesA
LoadLibraryA
GetProcAddress
GetTickCount
CreateThread
GetLastError
WaitForSingleObject
TerminateThread
EnterCriticalSection
FreeLibrary
DeleteFileA
CloseHandle
LeaveCriticalSection
DeleteCriticalSection
ReleaseMutex
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
LCMapStringW
LCMapStringA
SetUnhandledExceptionFilter
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
RaiseException
InterlockedDecrement
InterlockedIncrement
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetStartupInfoA
GetCommandLineA
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsGetValue
TerminateProcess
HeapSize
VirtualFree
VirtualAlloc
IsBadWritePtr
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SetEndOfFile

user32

ShowWindow
EndPaint
wsprintfA
GetDesktopWindow
wsprintfW
DialogBoxParamA
EndDialog
GetDlgItemTextA
SetFocus
SetDlgItemTextA
SetWindowTextA
LoadIconA
SendMessageA
LoadBitmapA
BeginPaint
GetDlgItem

gdi32

SelectObject
GetObjectA
BitBlt
DeleteObject
DeleteDC
CreateCompatibleDC

advapi32

OpenSCManagerA
CreateServiceA
StartServiceA
DeleteService
CloseServiceHandle
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
CryptAcquireContextA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext

shell32

ShellExecuteA

ole32

CoTaskMemFree

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ad4cfd7568c09c337521fea8eec6a05

Code Sign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

63:31:05:6f:a2:a9:ee:8a:5e:94:54:b5:37:d3:61:00Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

version

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 84KB - Virtual size: 90KB

.rsrc Size: 42KB - Virtual size: 42KB

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

63:31:05:6f:a2:a9:ee:8a:5e:94:54:b5:37:d3:61:00
Certificate

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 84KB - Virtual size: 90KB

.rsrc
Size: 42KB - Virtual size: 42KB