44a567aac39b32993d4881fa6e11fded

Sharing

Copy URL Twitter E-mail

General

Target

44a567aac39b32993d4881fa6e11fded
Size

65KB
MD5

44a567aac39b32993d4881fa6e11fded
SHA1

4b97f5b40f426ee5e25c1d4a6bdd6e38dbbfa90d
SHA256

4a8ebcdbfff99c5ba3b287c3099cee24c70f05deeefb9378214d0cbf8c4cb70f
SHA512

899722c3f68cc3a46a05e415c7059e46df5f9d92904e5303944d0a84c0aacdc44595af9f5226bef238ea745a0e4010bcc9b0f7f86f41a71f547a17c5c2674245
SSDEEP

768:Ddojtpe8/NDrb615P2hDVwkoye2hwHETLPtdsvTn2TGT7xS2pL5uMxVNLwdp3CFU:sts6DrO1yWZ8mEf0FZS2xYc5wdp3Cqj

Score

1^/10

Malware Config

Signatures

Files

44a567aac39b32993d4881fa6e11fded
.exe windows:4 windows x86 arch:x86

ed8c984add9b74e3931592ca1382028e

Code Sign

3e:01:16:d2:a8:37:80:6c:b6:a0:b2:5d:49:9e:a8:71
Certificate

Issuer

CN=c7CD2apNdE2Co67yXFCKkD2C3K35x7xCVdTNEZLCkXDYMPKJlPTJkYOzzAbZINSQisxJwpOn6kq23BKxEki70CjzEXouH7D9irHhlzXbJ7nLXdpzAbhPgD5BEf6fpLdb84LhvOZpYf5cUgCdKi8eM32bjwJYM56VeNoYR4XtkMU0pbd3AatUdu6OfVao8j

Not Before

22/05/2012, 10:20

Not After

22/11/2012, 10:20

Subject

CN=c7CD2apNdE2Co67yXFCKkD2C3K35x7xCVdTNEZLCkXDYMPKJlPTJkYOzzAbZINSQisxJwpOn6kq23BKxEki70CjzEXouH7D9irHhlzXbJ7nLXdpzAbhPgD5BEf6fpLdb84LhvOZpYf5cUgCdKi8eM32bjwJYM56VeNoYR4XtkMU0pbd3AatUdu6OfVao8j

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

ea:bb:90:fb:ba:5c:3e:69:d1:2f:40:52:11:87:32:d4:51:bc:cb:70
Signer

Actual PE Digest

ea:bb:90:fb:ba:5c:3e:69:d1:2f:40:52:11:87:32:d4:51:bc:cb:70

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsA
GlobalAddAtomW
CopyFileW
EnumResourceNamesW
GetSystemDefaultLangID
UnlockFile
QueryDosDeviceW
SetThreadIdealProcessor
GetPrivateProfileSectionNamesA
BuildCommDCBA
SwitchToThread
SetConsoleTitleW
WaitNamedPipeW
SetTapePosition
_llseek
FindResourceW
GetDefaultCommConfigW
WritePrivateProfileStringW
CompareStringW
_lcreat
UpdateResourceA
GetACP
ScrollConsoleScreenBufferW
GetProcessWorkingSetSize
GetLogicalDriveStringsW
CreateSemaphoreW
InterlockedExchange
IsBadStringPtrW
GetEnvironmentStrings
ReadConsoleW
Process32Next
LoadResource
RequestWakeupLatency
WaitForMultipleObjects
GetNamedPipeHandleStateA
MoveFileW
FindResourceA
FreeLibrary
GetProcessVersion
SearchPathW
SetFileAttributesA
Beep
AllocConsole
UnlockFileEx
GetCurrentConsoleFont
SetConsoleCursor
GetLastError
GetConsoleFontSize
Heap32ListFirst
ReleaseMutex
GetWindowsDirectoryA
LocalAlloc
GetTempPathW
GetConsoleScreenBufferInfo
FindFirstFileExA
AddAtomW
WriteProfileSectionW
SetThreadLocale
GetUserDefaultLCID
ResetEvent
GetLocalTime

user32

CloseWindow
RedrawWindow
GetKBCodePage
GetTopWindow
EqualRect
GetAncestor
MapVirtualKeyExW
IsWindowUnicode
UnloadKeyboardLayout
SetMenuInfo
CopyRect
CreateDesktopA
DrawIcon
VkKeyScanA
MonitorFromWindow
TrackPopupMenu
DrawFrame
LoadMenuW
EndPaint
EnumDisplaySettingsExW
CharNextExA
MessageBoxW
GetMenu
GetClassNameA
GetKeyState
SystemParametersInfoA
SetMenuDefaultItem
SetScrollPos
GetIconInfo
WINNLSGetIMEHotkey
SetCursorPos
GetPropA
FindWindowExW
InvalidateRgn
TrackMouseEvent
SetMenuContextHelpId
SetWindowLongA
DlgDirSelectExW
GetWindowThreadProcessId
PostMessageA
RegisterWindowMessageW
GetUpdateRgn
LoadCursorW
GetScrollRange
CopyAcceleratorTableA
DdeNameService
SwapMouseButton
ExitWindowsEx
CharToOemW
GetMenuItemID
MapVirtualKeyA
RegisterClassW
RegisterShellHookWindow
CharPrevExA
GetMenuCheckMarkDimensions
GetUpdateRect
IsWindow
DrawIconEx

comdlg32

FindTextW
ReplaceTextW
PageSetupDlgW
GetFileTitleW

shell32

DoEnvironmentSubstW
SHQueryRecycleBinA
DragFinish
ExtractIconExW
SHBrowseForFolderW

shlwapi

StrStrIA

comctl32

ImageList_LoadImage
ImageList_AddIcon
ImageList_SetIconSize
ImageList_Destroy

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed8c984add9b74e3931592ca1382028e

Code Sign

3e:01:16:d2:a8:37:80:6c:b6:a0:b2:5d:49:9e:a8:71Certificate

Extended Key Usages

ea:bb:90:fb:ba:5c:3e:69:d1:2f:40:52:11:87:32:d4:51:bc:cb:70Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

shell32

shlwapi

comctl32

Sections

.text Size: 54KB - Virtual size: 54KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 552B

3e:01:16:d2:a8:37:80:6c:b6:a0:b2:5d:49:9e:a8:71
Certificate

ea:bb:90:fb:ba:5c:3e:69:d1:2f:40:52:11:87:32:d4:51:bc:cb:70
Signer

.text
Size: 54KB - Virtual size: 54KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 552B