0237e912e95762714c095a7c874065bf

Sharing

Copy URL Twitter E-mail

General

Target

0237e912e95762714c095a7c874065bf
Size

100KB
MD5

0237e912e95762714c095a7c874065bf
SHA1

7e471c77129a319770967a2609ef25b61ebd5e22
SHA256

114b3441e24bb5d97f979dd81ad92eb702d01407f8f2ad92682e5166e0554594
SHA512

5e06f0f22af13ff2b7af3b6c982f11f895c87e2b04016369ebd4b013ad660b4b80f5c20b54297c038f028bd2ea43441e0de3d7ef99992221de9ec09c642cf6b8
SSDEEP

1536:99k9XZYQy2yZVwh3Ze/Fjg10mRCVp9Qdwbv9viJtq/gmnKs8UlNL:99k5ZYQz8wh36E1vCPPL0ygmnFHlNL

Score

1^/10

Malware Config

Signatures

Files

0237e912e95762714c095a7c874065bf
.exe windows:5 windows x86 arch:x86

7e0ce1f7d7f7756d80a30bcd8ee9a71d

Code Sign

69:9d:1f:67:c2:f1:c4:4c:b9:38:42:69:f1:79:93:0e
Certificate

Issuer

CN=666666

Not Before

12/02/2012, 08:59

Not After

31/12/2039, 23:59

Subject

CN=666666

Extended Key Usages

ExtKeyUsageCodeSigning

38:a8:c5:db:e5:8c:9d:ae:71:3a:64:71:cb:e7:a8:a7:af:b7:b9:19
Signer

Actual PE Digest

38:a8:c5:db:e5:8c:9d:ae:71:3a:64:71:cb:e7:a8:a7:af:b7:b9:19

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringW
GetSystemTimeAsFileTime
GetTempPathA
GetThreadPriority
GetVolumeNameForVolumeMountPointW
GlobalFree
GlobalSize
HeapCompact
HeapCreate
InterlockedIncrement
IsSystemResumeAutomatic
IsValidCodePage
LoadLibraryExW
LocalAlloc
LocalReAlloc
MoveFileWithProgressA
PeekConsoleInputW
PeekNamedPipe
QueryDosDeviceW
QueueUserWorkItem
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReleaseSemaphore
ResetWriteWatch
GetProfileSectionA
SetComputerNameW
SetConsoleCursorPosition
SetConsoleDisplayMode
SetDefaultCommConfigA
SetFileAttributesW
SetNamedPipeHandleState
SetPriorityClass
SetStdHandle
SetThreadExecutionState
SetThreadLocale
SetThreadPriorityBoost
SizeofResource
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
Thread32First
UnhandledExceptionFilter
VirtualQuery
WriteConsoleInputA
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
WritePrivateProfileStructW
lstrcmp
GetProfileIntA
GetNumberFormatA
GetNamedPipeInfo
GetModuleFileNameW
GetModuleFileNameA
GetLogicalDrives
GetFullPathNameA
GetEnvironmentVariableA
CreateFileA
GetEnvironmentStrings
GetDriveTypeA
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetDiskFreeSpaceA
GetConsoleOutputCP
GetConsoleMode
GetConsoleAliasExesLengthA
GetCommConfig
GetCPInfoExA
FindVolumeClose
FindResourceW
FindNextVolumeMountPointW
FindNextFileW
FindFirstVolumeMountPointA
FindFirstFileA
FileTimeToDosDateTime
EnumResourceLanguagesW
EnumLanguageGroupLocalesA
DnsHostnameToComputerNameW
DisableThreadLibraryCalls
DeviceIoControl
DeleteTimerQueueTimer
DeleteTimerQueue
DeleteFileA
DefineDosDeviceW
CreateRemoteThread
CreateMailslotA
ConvertDefaultLocale
CommConfigDialogW
CloseHandle
CancelWaitableTimer
CancelDeviceWakeupRequest
BeginUpdateResourceW
BeginUpdateResourceA
BackupSeek
LoadLibraryW
GetProcAddress
VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
SearchPathW

shell32

SHCreateDirectoryExA
Shell_NotifyIcon
ShellExecuteA
ShellAboutA
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteW
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHInvokePrinterCommandA
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDList
SHGetMalloc
CheckEscapesW
CommandLineToArgvW
DoEnvironmentSubstW
DragFinish
DragQueryFile
DragQueryFileAorW
DragQueryFileW
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
SHBrowseForFolderA
SHIsFileAvailableOffline
SHCreateDirectoryExW
SHFileOperationA
SHFileOperationW
SHFormatDrive
SHFreeNameMappings
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceExA
SHGetFileInfo
SHGetFileInfoA
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetIconOverlayIndexW
SHGetInstanceExplorer

shlwapi

StrChrA
StrChrIA
StrChrW
StrStrW
StrStrIW
StrStrIA
StrRStrIW
StrRStrIA
StrRChrW
StrRChrIA
StrRChrA
StrCmpNW
StrCmpNIW
StrCmpNIA

comctl32

CreatePropertySheetPage
CreatePropertySheetPageW
CreateStatusWindow
ord7
ord15
DrawStatusText
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollRange
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
FlatSB_SetScrollRange
FlatSB_ShowScrollBar
ord4
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Destroy
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_EndDrag
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageRect
ImageList_LoadImage
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Remove
ImageList_Replace
ImageList_SetBkColor
ImageList_SetFilter
ImageList_SetImageCount
ord17
InitializeFlatSB
ord14
ord13
ord2
PropertySheetA
PropertySheetW
ord3
UninitializeFlatSB
_TrackMouseEvent
ord8

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d2
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e0ce1f7d7f7756d80a30bcd8ee9a71d

Code Sign

69:9d:1f:67:c2:f1:c4:4c:b9:38:42:69:f1:79:93:0eCertificate

Extended Key Usages

38:a8:c5:db:e5:8c:9d:ae:71:3a:64:71:cb:e7:a8:a7:af:b7:b9:19Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

shlwapi

comctl32

Sections

.text Size: 85KB - Virtual size: 85KB

.data Size: 512B - Virtual size: 204B

.d1 Size: 1024B - Virtual size: 1000B

.d2 Size: 2KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 277KB

69:9d:1f:67:c2:f1:c4:4c:b9:38:42:69:f1:79:93:0e
Certificate

38:a8:c5:db:e5:8c:9d:ae:71:3a:64:71:cb:e7:a8:a7:af:b7:b9:19
Signer

.text
Size: 85KB - Virtual size: 85KB

.data
Size: 512B - Virtual size: 204B

.d1
Size: 1024B - Virtual size: 1000B

.d2
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 277KB