f5ee0a78123a64927999adcc208fa93e

Sharing

Copy URL Twitter E-mail

General

Target

f5ee0a78123a64927999adcc208fa93e
Size

38KB
MD5

f5ee0a78123a64927999adcc208fa93e
SHA1

bbdf0a8ff608daf8ac872e140a03cee3dc4216fb
SHA256

33cffc94f80a69e053b3830e3e3d4826a13497b20ea9400a259c58f5894c9cf0
SHA512

b44b77b9b6d91e241efe6470f6653eba172a05823da8af3d9ac577ffc97377603db9e79c24bc35b331321c0a2106df51772d791005bbd6f3b37b894c1e597e35
SSDEEP

768:U47AqwHlzg2ry/ME81hycmh7ccFXo9EwRsGjdbkMwqXhheeVGv:U48vB5HE87ycgfFXo94GjH9hheeV4

Score

1^/10

Malware Config

Signatures

Files

f5ee0a78123a64927999adcc208fa93e
.exe windows:4 windows x86 arch:x86

f2591c9313ef1b406891c225b482f8e8

Code Sign

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1
Certificate

Issuer

CN=drVoA01yoqkQ

Not Before

14/03/2012, 05:55

Not After

31/12/2039, 23:59

Subject

CN=drVoA01yoqkQ

Extended Key Usages

ExtKeyUsageCodeSigning

a8:86:b7:4c:8b:6f:2a:00:15:a4:d4:57:05:e0:90:c0:ac:d9:df:1a
Signer

Actual PE Digest

a8:86:b7:4c:8b:6f:2a:00:15:a4:d4:57:05:e0:90:c0:ac:d9:df:1a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetLogicalDriveStringsA
LoadLibraryA
GetProcAddress
lstrcpyW
LoadLibraryW
VirtualAlloc
ScrollConsoleScreenBufferW
GetConsoleAliasExesW
DisconnectNamedPipe
HeapAlloc
SwitchToThread
MoveFileWithProgressW
GetACP
PulseEvent
RtlFillMemory
ProcessIdToSessionId
Module32Next
Module32FirstW
SetupComm
GetNumberFormatW
FlushConsoleInputBuffer
InitializeCriticalSectionAndSpinCount
OpenEventA
SetConsoleTextAttribute
TransmitCommChar
SetEndOfFile
SetProcessShutdownParameters
QueryPerformanceCounter
lstrlenW
GetConsoleAliasExesA
GetPrivateProfileSectionW
RtlUnwind
EnumCalendarInfoA
VerifyVersionInfoW
UnlockFile
DisableThreadLibraryCalls
GetCommState
GetFileTime
IsValidCodePage
OpenEventW
CreateConsoleScreenBuffer
DeleteVolumeMountPointW
GetSystemDirectoryW
EnumResourceTypesA
GlobalAlloc
TransactNamedPipe
GlobalUnfix
IsBadStringPtrA
CreateRemoteThread
DeleteFiber
GetVolumePathNameW
CopyFileW
GetNumberFormatA
GetProcessAffinityMask
EnumSystemLocalesW
LocalFileTimeToFileTime
VirtualUnlock
GetSystemTimeAdjustment
SetThreadAffinityMask
_hwrite
GetVolumeInformationA
TlsFree
FreeLibrary
GetFileSize
SetLocaleInfoW
lstrcmpiA
ReadConsoleOutputAttribute
SignalObjectAndWait
TlsAlloc
PeekNamedPipe
GetPrivateProfileStructA
CreateWaitableTimerW
SetProcessPriorityBoost
GetCurrencyFormatW
GetMailslotInfo
GlobalGetAtomNameA
GlobalUnWire
GetComputerNameW
SetThreadExecutionState
AddConsoleAliasA
GetVolumeNameForVolumeMountPointW
lstrcpynW
LocalCompact
FindNextChangeNotification
GetCPInfoExA
GetProcessShutdownParameters
WriteConsoleOutputW
SetHandleCount
MoveFileWithProgressA
GetConsoleTitleA
SetCurrentDirectoryA
GetDiskFreeSpaceExA
DebugActiveProcess
BeginUpdateResourceA
LoadModule
GetThreadLocale

user32

GetInputState
GetClipboardFormatNameW
ReleaseCapture
LoadStringW
OpenDesktopA
DdeInitializeW
TileChildWindows
IsWindow
DdeCmpStringHandles
UpdateLayeredWindow
ActivateKeyboardLayout
MoveWindow
AttachThreadInput
SwapMouseButton
ValidateRgn
BeginPaint
EnumPropsA
GetClassInfoW
DrawFrameControl
GetTabbedTextExtentW
DdeKeepStringHandle
MsgWaitForMultipleObjectsEx
MessageBeep
DefWindowProcA
GetPriorityClipboardFormat
SendIMEMessageExW
SetMenuContextHelpId
DdeQueryNextServer
SetActiveWindow
ArrangeIconicWindows
IsRectEmpty
EnumDisplaySettingsA
PostMessageA
MapVirtualKeyExA
IsClipboardFormatAvailable
SetMenuItemBitmaps
InsertMenuA
ReplyMessage
DrawAnimatedRects
GetClipCursor
GetMenuItemInfoA
CharUpperA
HideCaret
SetWindowWord
EnumDisplayDevicesA
SetWindowsHookExA
InvertRect
SetLayeredWindowAttributes
ExcludeUpdateRgn
CreateIcon
GetMenuItemID
DefMDIChildProcW
GetSubMenu
DrawTextExW
GetWindowLongA
LookupIconIdFromDirectory
CharLowerBuffA
GetCaretPos
SetPropA
CreateCaret
CreateDesktopA
SetShellWindow
AppendMenuA
CreateMenu
DlgDirSelectExW
GetMenuItemRect
BroadcastSystemMessageA
SetDebugErrorLevel
CharUpperW
EnumDisplaySettingsExW
FindWindowA
GetUserObjectInformationW
DlgDirListComboBoxW
MessageBoxA
RegisterDeviceNotificationA
TranslateMDISysAccel
RegisterWindowMessageW
LoadMenuIndirectA
ToAsciiEx
CharPrevA
DestroyWindow
ToAscii
SetDlgItemInt
ShowOwnedPopups
GetKBCodePage
SystemParametersInfoW
SetWindowContextHelpId
GetCaretBlinkTime
CharLowerW

gdi32

GdiDeleteSpoolFileHandle
SetRectRgn
GdiSetAttrs
GetPath
STROBJ_dwGetCodePage
CreateHatchBrush
GdiConvertFont
SetTextColor
CreateRectRgn
OffsetClipRgn
PATHOBJ_vGetBounds
EngTextOut
GetCharABCWidthsI
SetTextAlign
EnumMetaFile
GdiConvertBrush
GetCharWidthI
CopyEnhMetaFileW
CloseEnhMetaFile
GdiPlayDCScript
EngGetCurrentCodePage
GdiGetSpoolMessage
GdiPlayEMF
EnableEUDC
SetPixel
StretchBlt
GetDIBits
GdiConsoleTextOut
GdiInitializeLanguagePack
GetROP2
FONTOBJ_pfdg
GetGlyphOutlineWow
BitBlt
BRUSHOBJ_pvAllocRbrush
AddFontResourceA
CreateBrushIndirect
MaskBlt
CloseMetaFile
EnumFontsA
GetCharWidthW
RectInRegion
GetBitmapBits
GdiConvertBitmap
CloseFigure
GetColorAdjustment
GetTextAlign
CreateDiscardableBitmap
EnumEnhMetaFile
SetMapperFlags
CreatePen
GetWindowOrgEx
GetCharABCWidthsFloatA
SetGraphicsMode
GetTextFaceW
EnumFontFamiliesW
GdiQueryFonts
StrokePath
GdiGetLocalBrush
BeginPath
CreateBitmap
SetMagicColors
SetAbortProc
FloodFill
EngLineTo
GdiValidateHandle
GdiCreateLocalMetaFilePict
LineTo
CreateColorSpaceA
SetWinMetaFileBits
GetCharacterPlacementA
ColorCorrectPalette
GetCurrentObject
GetMiterLimit
Chord
GdiAlphaBlend
GetGlyphOutlineW
GetEnhMetaFileDescriptionW
GetCharWidthA
EngDeleteClip
GetGraphicsMode
GetAspectRatioFilterEx
STROBJ_bGetAdvanceWidths
GdiConvertMetaFilePict
Polygon
AddFontResourceTracking
GetRgnBox
LineDDA
CreateHalftonePalette
PATHOBJ_vEnumStartClipLines
EngMultiByteToUnicodeN
PaintRgn
FillPath
GetTextExtentPoint32W
GetBkMode
GetDCBrushColor
NamedEscape

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2591c9313ef1b406891c225b482f8e8

Code Sign

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1Certificate

Extended Key Usages

a8:86:b7:4c:8b:6f:2a:00:15:a4:d4:57:05:e0:90:c0:ac:d9:df:1aSigner

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 21KB - Virtual size: 21KB

.text3 Size: 1024B - Virtual size: 1000B

.text2 Size: 1KB - Virtual size: 1KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

73:17:67:48:fd:ee:5c:4d:bc:8a:27:87:b8:6e:5f:a1
Certificate

a8:86:b7:4c:8b:6f:2a:00:15:a4:d4:57:05:e0:90:c0:ac:d9:df:1a
Signer

.text
Size: 21KB - Virtual size: 21KB

.text3
Size: 1024B - Virtual size: 1000B

.text2
Size: 1KB - Virtual size: 1KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB