2260940ada292a1725c9a37fa1f1a010

Sharing

Copy URL Twitter E-mail

General

Target

2260940ada292a1725c9a37fa1f1a010
Size

61KB
MD5

2260940ada292a1725c9a37fa1f1a010
SHA1

e239b8aab13d3537cfd7197af96836a79f034d4f
SHA256

d48f93359c9ad636370597b76583a8faf2f6893ffb455d98921d103c42a9a675
SHA512

8164042577908671c5e0e2b50656ec13e7e7ad6c4a972ce503d297b25b4a48fa373a944f5ba47f28461d90e63c19595953f979291b62d30fe4e85021b418c010
SSDEEP

1536:hKwUNdglGTz8BCrYwnjeqITGnNiBLsgXdQe4LsJ:QwpEY8jdITGgljXdooJ

Score

1^/10

Malware Config

Signatures

Files

2260940ada292a1725c9a37fa1f1a010
.exe windows:4 windows x86 arch:x86

0cd5e004960d1e916be26f8f1c663e4f

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

71:78:4c:eb:cf:5a:6b:23:6e:a7:da:e5:f5:37:ca:b8
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

03/12/2001, 00:00

Not After

02/12/2011, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2001 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

2a:d5:8a:99:d8:ee:e8:df:9c:05:89:75:df:48:43:05
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2001 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Not Before

13/07/2003, 00:00

Not After

22/06/2004, 23:59

Subject

CN=Flashpoint Media\, LTD.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Flashpoint Media\, LTD.,L=Hamilton,ST=Hamilton,C=BM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetLastError
GetCommandLineA
RemoveDirectoryA
ResetEvent
FindFirstFileA
SetCurrentDirectoryA
WaitForSingleObject
SetEvent
Sleep
CreateEventA
CreateThread
FindNextFileA
DeleteFileA
CloseHandle
GetStartupInfoA
GetModuleHandleA
CreateProcessA

user32

DestroyMenu
CreatePopupMenu
RegisterClassA
UnregisterClassA
DestroyIcon
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
InsertMenuItemA
PostMessageA
GetCursorPos
TrackPopupMenu
SetMenuItemInfoA
DestroyWindow
PostQuitMessage
FindWindowA
LoadImageA
CreateWindowExA

shell32

Shell_NotifyIconA

wininet

InternetGetConnectedState
InternetOpenA
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

advapi32

RegCreateKeyExA
RegCloseKey
RegEnumKeyExA
RegSetValueExA
RegDeleteKeyA
RegFlushKey
RegQueryValueExA

rpcrt4

RpcStringFreeA
UuidToStringA
UuidFromStringA

ole32

CoCreateGuid

msvcrt

strchr
strtok
_acmdln
getenv
exit
_XcptFilter
_exit
calloc
memcpy
_strnicmp
_errno
fseek
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_isctype
_pctype
strcspn
scanf
malloc
free
_mkdir
ftell
fopen
sprintf
fread
fwrite
__getmainargs
strstr
__mb_cur_max
mktime
gmtime
time
fflush
atoi
sscanf
_ftol
strrchr
fclose
difftime

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0cd5e004960d1e916be26f8f1c663e4f

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

71:78:4c:eb:cf:5a:6b:23:6e:a7:da:e5:f5:37:ca:b8Certificate

Extended Key Usages

Key Usages

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

2a:d5:8a:99:d8:ee:e8:df:9c:05:89:75:df:48:43:05Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

shell32

wininet

advapi32

rpcrt4

ole32

msvcrt

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 4KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

71:78:4c:eb:cf:5a:6b:23:6e:a7:da:e5:f5:37:ca:b8
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

2a:d5:8a:99:d8:ee:e8:df:9c:05:89:75:df:48:43:05
Certificate

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 4KB