235899222b6411686269181e377d8619

Sharing

Copy URL Twitter E-mail

General

Target

235899222b6411686269181e377d8619
Size

322KB
MD5

235899222b6411686269181e377d8619
SHA1

529440bfa365dc8b4dca4a207f1efefbbf621cac
SHA256

20e7525aacae2fedd727a9c1c75f6d872b2c296fa5d8d15d99a831ac42cfa82c
SHA512

a32d2d920b410098aa02a667d0c5812585d46eae92e1cbda24412c0c89ab4b4345e91ffa3f283b170b357586881006ace7bc2d890d82f4f050545690a7b9de4c
SSDEEP

6144:yP+DFAvOpLH1fPhn6BnzGap3ph/NaDhDUAcFppGBY6qPp:MSQ65HhkzGM3T/UD9i6up

Score

1^/10

Malware Config

Signatures

Files

235899222b6411686269181e377d8619
.exe windows:4 windows x86 arch:x86

703f317d3b4cfa129b253b962a84bb37

Code Sign

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/09/2014, 00:00

Not After

25/11/2015, 12:00

Subject

CN=Consortium ltd.,O=Consortium ltd.,L=Roseau,ST=Commonwealth of Dominica,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

00:b5:2b:d5:f9:61:8c:a9:c3:dd:58:d8:d6:eb:a0:66:80:4e:2b:7f
Signer

Actual PE Digest

00:b5:2b:d5:f9:61:8c:a9:c3:dd:58:d8:d6:eb:a0:66:80:4e:2b:7f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_EndDrag
ImageList_DragShowNolock
ImageList_GetDragImage
ImageList_Read

kernel32

GetCurrentThreadId
GetTickCount
ExitProcess
VirtualAlloc
ReadFile
GetCommandLineW
LockResource
TlsSetValue
WriteFile
GetLastError
CreateThread
CloseHandle
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetUserDefaultLangID
GetCurrentProcess
GetModuleHandleA
GetDefaultCommConfigA
lstrcmpiA
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
SetFilePointer
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
GetVersion
GetStartupInfoA
SetHandleCount
GetEnvironmentStringsW
GetCommandLineA
GetVersionExA
GetModuleHandleW
GetProcAddress
CreateFileMappingA
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapFree
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA

user32

WindowFromPoint
GetSystemMetrics
CreateDialogParamA
CreateWindowExA
LoadStringA
GetKeyboardType
RegisterWindowMessageA
ReleaseDC
GetClientRect
RegisterClassExA
DialogBoxParamA
GetDC

gdi32

Rectangle
GetDeviceCaps

comdlg32

GetSaveFileNameA

advapi32

GetUserNameA
RegSetValueExW
RegCloseKey
RegCreateKeyExA

ole32

CoUninitialize
CoInitialize
CoTaskMemAlloc

Sections

.text
Size: 272KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

703f317d3b4cfa129b253b962a84bb37

Code Sign

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8Certificate

Extended Key Usages

Key Usages

00:b5:2b:d5:f9:61:8c:a9:c3:dd:58:d8:d6:eb:a0:66:80:4e:2b:7fSigner

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

ole32

Sections

.text Size: 272KB - Virtual size: 269KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 24KB

.rsrc Size: 28KB - Virtual size: 25KB

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8
Certificate

00:b5:2b:d5:f9:61:8c:a9:c3:dd:58:d8:d6:eb:a0:66:80:4e:2b:7f
Signer

.text
Size: 272KB - Virtual size: 269KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 24KB

.rsrc
Size: 28KB - Virtual size: 25KB