1c0c4bcb44bb5ce386d360d8957529d5

Sharing

Copy URL Twitter E-mail

General

Target

1c0c4bcb44bb5ce386d360d8957529d5
Size

427KB
MD5

1c0c4bcb44bb5ce386d360d8957529d5
SHA1

9bab39d2e77ed8a37a2f1dbe0a5c329da680437d
SHA256

78f646fa28b43d8c0984a02b391b072a888c42a9c0beef7aed911ce66712af41
SHA512

27e8d8853e234ae19477deb0492b282aa41631c16258af9a8c8004380cd7b0c38e2dd277a6e1754e5f88cbec19f503ba7042f318f98c4ab3e7a3d320be4d9e88
SSDEEP

6144:ruQNBFFY80SzY5Oq5bNE1kgbgJOpS1FFu/l/FoCYDsZxzC8gWx7v/GagCK:fYSOOqTwbWOM1FFuPoCfZx5gWxD/GaFK

Score

1^/10

Malware Config

Signatures

Files

1c0c4bcb44bb5ce386d360d8957529d5
.exe windows:4 windows x86 arch:x86

16987faa06b73d2a3382bac4339010c5

Code Sign

30:75:8d:ab:d1:04:f3:44:bf:58:67:91:bc:5d:06:bc
Certificate

Issuer

CN=sbwrhqqictx

Not Before

30/01/2012, 21:18

Not After

31/12/2039, 23:59

Subject

CN=Largo

24:aa:de:c1:ca:82:a1:21:bc:f7:91:6e:c5:d6:e4:61:91:4a:39:a2
Signer

Actual PE Digest

24:aa:de:c1:ca:82:a1:21:bc:f7:91:6e:c5:d6:e4:61:91:4a:39:a2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ArrangeIconicWindows
GetSysColor
ShowOwnedPopups
CreateDialogParamA
SetWindowPlacement
GetNextDlgTabItem
GetDlgItemTextA
MessageBoxA
BringWindowToTop
GetForegroundWindow
EnumWindows

ole32

StgGetIFillLockBytesOnILockBytes
GetHGlobalFromStream
ReadClassStg
CoReleaseServerProcess
CoBuildVersion
SetConvertStg
StgIsStorageFile
CoTaskMemAlloc
OleGetIconOfClass
OleCreate
CoLoadLibrary
WriteClassStm
MkParseDisplayName
OleSetClipboard
OleCreateLink

oledlg

ord3
ord9
ord5
ord2
ord1
ord12
ord10
ord7
ord8
ord11

advapi32

RegCreateKeyA
RegEnumKeyA
RegOverridePredefKey
RegOpenKeyA
RegLoadKeyA
RegSetValueA
RegReplaceKeyA
RegQueryValueExA
RegUnLoadKeyA

kernel32

GetModuleHandleA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetProcAddress
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetStringTypeW
TlsGetValue
GetLastError
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
GetStartupInfoA
GetStringTypeA
SetLastError
lstrcpyA
lstrcatA
QueryPerformanceCounter
GetProcessHeap
GetTickCount
GetStdHandle
GetUserDefaultLCID
VirtualFreeEx
LocalAlloc
IsValidCodePage
ReleaseSemaphore
GetSystemDefaultLCID
GetThreadLocale
SetEvent
GlobalSize
GlobalAlloc
HeapSize
WritePrivateProfileSectionA
GetPrivateProfileStringA
GetProfileStringA
WriteProfileStringA
WritePrivateProfileStringA
WritePrivateProfileStructA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
VirtualAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tdknl
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

16987faa06b73d2a3382bac4339010c5

Code Sign

30:75:8d:ab:d1:04:f3:44:bf:58:67:91:bc:5d:06:bcCertificate

24:aa:de:c1:ca:82:a1:21:bc:f7:91:6e:c5:d6:e4:61:91:4a:39:a2Signer

Headers

File Characteristics

Imports

user32

ole32

oledlg

advapi32

kernel32

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 82KB

.tdknl Size: 400KB - Virtual size: 399KB

.rsrc Size: 5KB - Virtual size: 5KB

30:75:8d:ab:d1:04:f3:44:bf:58:67:91:bc:5d:06:bc
Certificate

24:aa:de:c1:ca:82:a1:21:bc:f7:91:6e:c5:d6:e4:61:91:4a:39:a2
Signer

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 82KB

.tdknl
Size: 400KB - Virtual size: 399KB

.rsrc
Size: 5KB - Virtual size: 5KB