736564b16a0c2e4e1e07b1070eeecd26

Sharing

Copy URL

Twitter E-mail

General

Target

736564b16a0c2e4e1e07b1070eeecd26
Size

189KB
MD5

736564b16a0c2e4e1e07b1070eeecd26
SHA1

1d9e8c59c0bd4736ff61d2d7af60d3ea4a948a46
SHA256

63dfe7adeb3075750a4dfa0968436529e483b29660403fc4aba1fbc95e8128b7
SHA512

9ff83f320e5b91a2551a441846076c404c0852c236791dd71faba3685acc7cec6d51a8be9e17a11de1369839de7195d4d6539c01bee846336dcd47859cddb447
SSDEEP

3072:mPqBq98+EQeiDGybh1g7GATKMLJQr+Rrlzy+hapE75L43Yi+ChX/8D6:myB/Y11zQTLJQaFVQp2L4oizZ

Score

1^/10

Malware Config

Signatures

Files

736564b16a0c2e4e1e07b1070eeecd26
.exe windows:5 windows x86 arch:x86

a35af529b86e6e62523e677f1eb58abb

Code Sign

28:20:01:7a:4a:72:db:56:b8:ce:01:c6:34:c1:d6:e9
Certificate

Issuer

CN=eryer

Not Before

05-02-2012 09:13

Not After

31-12-2039 23:59

Subject

CN=eryer

Extended Key Usages

ExtKeyUsageCodeSigning

c3:44:47:6c:10:9e:dc:f6:bc:76:58:0f:3a:23:53:3c:c9:72:1a:b8
Signer

Actual PE Digest

c3:44:47:6c:10:9e:dc:f6:bc:76:58:0f:3a:23:53:3c:c9:72:1a:b8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetWindowsDirectoryW
lstrcatW
CreateFileW
GetSystemInfo
GetProcessHeap

msvcrt

memset

user32

DefDlgProcA
DefFrameProcA
DefMDIChildProcW
DlgDirListW
DlgDirSelectExW
DrawFrameControl
DrawStateW
EnumDesktopsW
EnumPropsW
EnumWindowStationsA
FillRect
FindWindowExW
GetAltTabInfoW
GetClassInfoA
GetClassInfoExA
GetClipCursor
GetClipboardData
GetComboBoxInfo
GetCursor
GetDCEx
GetGuiResources
GetKeyboardLayoutList
GetKeyboardState
GetMenuCheckMarkDimensions
GetMenuItemInfoA
GetMenuStringA
GetMenuStringW
GetMessageA
GetWindowLongW
GetWindowModuleFileName
GetWindowModuleFileNameW
IMPSetIMEW
DdeUninitialize
InflateRect
InvalidateRect
IsCharUpperW
IsDialogMessage
IsDialogMessageA
IsDialogMessageW
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadCursorFromFileA
LoadIconW
LoadMenuW
MonitorFromRect
OffsetRect
OpenClipboard
OpenDesktopW
OpenIcon
PackDDElParam
RealGetWindowClassW
RegisterClassW
RemovePropA
SendIMEMessageExW
SendMessageTimeoutA
SetCaretBlinkTime
SetClipboardData
SetDeskWallpaper
SetMenuItemBitmaps
SetMenuItemInfoA
SetScrollPos
SetUserObjectInformationA
SetWindowContextHelpId
SetWindowPos
SetWindowTextA
SetWindowsHookExA
SetWindowsHookExW
UnregisterClassW
UserHandleGrantAccess
ValidateRect
VkKeyScanExW
DdeSetQualityOfService
DdeReconnect
DdeNameService
DdeGetLastError
DdeFreeDataHandle
DdeCreateStringHandleW
DdeConnectList
DdeClientTransaction
CreateWindowExA
CreatePopupMenu
CreateMDIWindowW
CreateDesktopW
CloseWindowStation
ChildWindowFromPointEx
CheckMenuRadioItem
CharToOemBuffA
ChangeDisplaySettingsExA
AttachThreadInput
AllowSetForegroundWindow
InSendMessage

comdlg32

ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
ChooseColorA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text2
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a35af529b86e6e62523e677f1eb58abb

Code Sign

28:20:01:7a:4a:72:db:56:b8:ce:01:c6:34:c1:d6:e9Certificate

Extended Key Usages

c3:44:47:6c:10:9e:dc:f6:bc:76:58:0f:3a:23:53:3c:c9:72:1a:b8Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

comdlg32

Sections

.text Size: 7KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 484B

.text2 Size: 159KB - Virtual size: 159KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 2KB - Virtual size: 1KB

28:20:01:7a:4a:72:db:56:b8:ce:01:c6:34:c1:d6:e9
Certificate

c3:44:47:6c:10:9e:dc:f6:bc:76:58:0f:3a:23:53:3c:c9:72:1a:b8
Signer

.text
Size: 7KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 484B

.text2
Size: 159KB - Virtual size: 159KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 2KB - Virtual size: 1KB