1039b139e624eadca4e7f6cd76777f55

Sharing

Copy URL

Twitter E-mail

General

Target

1039b139e624eadca4e7f6cd76777f55
Size

95KB
MD5

1039b139e624eadca4e7f6cd76777f55
SHA1

1afb6181c2df0c0495a81a8ac7df95320f1feb81
SHA256

17fc173ed931fdbd044fe579aa4dd285eaf77a9481c2c6e5dbcc4c74c9e28bd5
SHA512

37a5740d93ef8560155428b94185695f5a7551d47f7d4ce40c57b5a642c12eae26098945ad9d625af8e8d2cebb38f5d34ea748a784974f8d3cb36369243e0f7e
SSDEEP

1536:H8i4974x2to+LRk5E3idI40uC8TiapxZz38eQ5reKBoOslwUaVPXWCmAOZX1:H8i497YgoEzSKnuCyiOieQ5KK1kEOZX1

Score

1^/10

Malware Config

Signatures

Files

1039b139e624eadca4e7f6cd76777f55
.exe windows:5 windows x86 arch:x86

8711c024c2cf432e8029b8cd92b75f42

Code Sign

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18
Certificate

Issuer

CN=t123612333

Not Before

05-02-2012 18:21

Not After

31-12-2039 23:59

Subject

CN=t123612333

Extended Key Usages

ExtKeyUsageCodeSigning

2d:cf:9f:e8:af:c9:bd:eb:a0:bb:60:f7:9b:ad:8f:f4:97:76:24:15
Signer

Actual PE Digest

2d:cf:9f:e8:af:c9:bd:eb:a0:bb:60:f7:9b:ad:8f:f4:97:76:24:15

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommConfig
SetCommState
SetComputerNameExA
SetComputerNameExW
SetComputerNameW
SetConsoleMode
SetEnvironmentVariableA
SetFileAttributesA
SetFileTime
SetPriorityClass
SetStdHandle
SetCalendarInfoW
SetWaitableTimer
SignalObjectAndWait
Sleep
TerminateJobObject
TlsFree
TransactNamedPipe
UnlockFileEx
WriteFileGather
WriteProfileStringA
WriteTapemark
lstrcpyA
ResetWriteWatch
ReadConsoleOutputW
ReadConsoleInputW
QueryPerformanceFrequency
MoveFileExW
Module32First
LockFile
LocalShrink
LocalFileTimeToFileTime
LoadResource
IsBadStringPtrA
HeapAlloc
Heap32ListFirst
GlobalUnlock
GlobalSize
GlobalMemoryStatusEx
GlobalMemoryStatus
GlobalHandle
GlobalAddAtomA
GetWindowsDirectoryW
GetVersion
GetUserDefaultLCID
GetTimeFormatW
GetTimeFormatA
GetThreadSelectorEntry
GetTempFileNameA
GetSystemDefaultLangID
GetStringTypeA
GetProcessPriorityBoost
GetNumberFormatW
GetLongPathNameW
GetLocalTime
GetDiskFreeSpaceExA
GetCurrentThreadId
GetCurrentDirectoryA
GetCurrencyFormatA
GetConsoleTitleW
GetConsoleAliasesLengthA
GetComputerNameExA
GetCommState
GetCommMask
GetBinaryTypeW
GetAtomNameW
FormatMessageW
FoldStringA
FindResourceExA
FindResourceA
FindFirstVolumeMountPointA
FillConsoleOutputAttribute
EnumLanguageGroupLocalesW
EnumResourceNamesA
EnumDateFormatsExW
EnumCalendarInfoW
EndUpdateResourceA
DnsHostnameToComputerNameA
CreateTimerQueueTimer
CreateSemaphoreW
CreateRemoteThread
CreateProcessW
CreateProcessA
CreateEventW
CreateDirectoryW
CopyFileExW
CopyFileA
CompareStringA
ChangeTimerQueueTimer
BuildCommDCBAndTimeoutsW
BuildCommDCBAndTimeoutsA
BeginUpdateResourceW
LoadLibraryA
GetProcAddress
SetThreadContext
VirtualAlloc

gdi32

cGetTTFFromFOT
XFORMOBJ_bApplyXform
UnloadNetworkFonts
StartDocW
SetStretchBltMode
SetMapMode
SetLayout
SetDIBColorTable
SetBkMode
SelectPalette
SaveDC
RemoveFontResourceTracking
PtInRegion
Polyline
PolyDraw
PlayEnhMetaFile
PATHOBJ_vEnumStart
GetTextFaceAliasW
GetTextExtentExPointA
GetNearestPaletteIndex
GetLayout
GetFontAssocStatus
GetDeviceCaps
GetDCOrgEx
GetCurrentPositionEx
GetCurrentObject
GetBitmapDimensionEx
GdiGetPageHandle
GdiGetDevmodeForPage
GdiGetCharDimensions
GdiDeleteSpoolFileHandle
GdiComment
FlattenPath
FONTOBJ_pxoGetXform
EngGetDriverName
EngCreateSemaphore
EngBitBlt
EngAcquireSemaphore
EndDoc
CreateMetaFileW
CreateFontIndirectW
CreateFontIndirectA
CreateDCA
CombineTransform
ChoosePixelFormat
CheckColorsInGamut
CLIPOBJ_bEnum
AnyLinkedFonts
GetStockObject
gdiPlaySpoolStream

comdlg32

ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
ReplaceTextW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.set
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uuj
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8711c024c2cf432e8029b8cd92b75f42

Code Sign

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18Certificate

Extended Key Usages

2d:cf:9f:e8:af:c9:bd:eb:a0:bb:60:f7:9b:ad:8f:f4:97:76:24:15Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 6KB - Virtual size: 6KB

.set Size: 75KB - Virtual size: 74KB

.uuj Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 152B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 285KB

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18
Certificate

2d:cf:9f:e8:af:c9:bd:eb:a0:bb:60:f7:9b:ad:8f:f4:97:76:24:15
Signer

.text
Size: 6KB - Virtual size: 6KB

.set
Size: 75KB - Virtual size: 74KB

.uuj
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 152B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 285KB