10782a41048591f69d7825e526f8a1cc

Sharing

Copy URL Twitter E-mail

General

Target

10782a41048591f69d7825e526f8a1cc
Size

1.4MB
MD5

10782a41048591f69d7825e526f8a1cc
SHA1

77a4363eec74d2585ae8352ad7388ae286110fa6
SHA256

21a49709d9cdd285a0839146fbc08977269ad530b82f9cad65a7e1230e7019c0
SHA512

06da20f6cfb1a8a1827abe145711c55e3d13a95b5d99ea5b64f219922ebf936144c4c28da98dee392a10a7902909def79dc4c98d2fe000625211d8ec1061ff39
SSDEEP

24576:w+8OPRGlnlhXSnJeH7nL8Wp6whEZV2rQnyhLP0R84KpUpVvmeS:qX+JetlE6rQnyhLP0R1KipgH

Score

1^/10

Malware Config

Signatures

Files

10782a41048591f69d7825e526f8a1cc
.exe windows:5 windows x86 arch:x86

38233a870b7473658b8eb9909e42d3b0

Code Sign

49:25:22:db:26:91:4d:38:c2:1a:79:77:68:b8:8a:13
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/07/2014, 00:00

Not After

23/07/2015, 23:59

Subject

CN=Softpulse S.l.,O=Softpulse S.l.,L=Guia de Isora,ST=Santa Cruz de Tenerife,C=ES

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9b:02:2c:43:bf:a5:c6:f8:02:a2:cd:c6:8c:cb:cd:f5:a6:50:d8:7d
Signer

Actual PE Digest

9b:02:2c:43:bf:a5:c6:f8:02:a2:cd:c6:8c:cb:cd:f5:a6:50:d8:7d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
VirtualAlloc
VirtualAllocEx
GetLastError
ReadProcessMemory
WriteProcessMemory
GetThreadContext
ResumeThread
LoadResource
SizeofResource
LoadLibraryW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
CreateProcessA
FindResourceW
FindResourceExW
FreeLibrary
WideCharToMultiByte
FreeConsole
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
LockResource
InterlockedDecrement
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
LCMapStringW
LocalFree
GetCommandLineW
EncodePointer
DecodePointer
RtlUnwind
SetLastError
InterlockedIncrement
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsProcessorFeaturePresent
Sleep
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
LoadLibraryExW
OutputDebugStringW

user32

LoadCursorW
RegisterClassExW
LoadIconW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

ole32

CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoUninitialize

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantClear

shlwapi

PathFindFileNameW

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 994KB - Virtual size: 993KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38233a870b7473658b8eb9909e42d3b0

Code Sign

49:25:22:db:26:91:4d:38:c2:1a:79:77:68:b8:8a:13Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

9b:02:2c:43:bf:a5:c6:f8:02:a2:cd:c6:8c:cb:cd:f5:a6:50:d8:7dSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 320KB - Virtual size: 320KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 994KB - Virtual size: 993KB

49:25:22:db:26:91:4d:38:c2:1a:79:77:68:b8:8a:13
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

9b:02:2c:43:bf:a5:c6:f8:02:a2:cd:c6:8c:cb:cd:f5:a6:50:d8:7d
Signer

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 320KB - Virtual size: 320KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 994KB - Virtual size: 993KB