44354548bc3f927bb33d28c3a242c913

Sharing

Copy URL Twitter E-mail

General

Target

44354548bc3f927bb33d28c3a242c913
Size

425KB
MD5

44354548bc3f927bb33d28c3a242c913
SHA1

e3952cea2f58673ebbe0a07797a091069c17908e
SHA256

df9f94ea6e1f6c9cc0f5e36e89d8e0b5e5ed9c4069c3d2a770901655e75606f3
SHA512

d929ce26c6eadafe30dec945a6a84f6826d65c138b366c2b0b63c2f48857ceb27b2ee3d9f200053fb8b65e58a48e00993385771c1f343c28e3e4b745fafe7ada
SSDEEP

12288:WuK9s0ywmrm/igfhpvh+f2SpIzDlNwfcvRs:zaywb/9fhS24ItNwUG

Score

1^/10

Malware Config

Signatures

Files

44354548bc3f927bb33d28c3a242c913
.exe windows:4 windows x86 arch:x86

c320aeca298b16ec8d0f238c5f90a2b5

Code Sign

63:15:f8:e4:72:9c:cc:ab:41:84:fe:91:76:f2:bf:19
Certificate

Issuer

CN=zwpgqveiioi

Not Before

28/01/2012, 19:54

Not After

31/12/2039, 23:59

Subject

CN=Gasqipo

df:0d:cb:0b:81:db:68:cb:a2:b8:91:02:7b:0a:01:bf:d7:eb:62:87
Signer

Actual PE Digest

df:0d:cb:0b:81:db:68:cb:a2:b8:91:02:7b:0a:01:bf:d7:eb:62:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgIsStorageILockBytes
StgCreatePropSetStg
FreePropVariantArray
OleCreateFromFileEx
OleNoteObjectVisible
CoRegisterSurrogate
CoRevokeClassObject
IsAccelerator
OleSaveToStream
CoDosDateTimeToFileTime
SetConvertStg
CreateAntiMoniker

kernel32

GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadLibraryA
HeapReAlloc
GetOEMCP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetACP
VirtualQuery
GetSystemDefaultLangID
GetDateFormatA
LocalUnlock
CreateSemaphoreA
VirtualAlloc
WaitForSingleObject
IsValidLocale
PulseEvent
LocalAlloc
GlobalMemoryStatus
LocalSize
ReleaseSemaphore
LocalReAlloc
GetProcAddress
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetStringTypeW
SetLastError
TlsGetValue
GetLastError
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
InitializeCriticalSection

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 402KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c320aeca298b16ec8d0f238c5f90a2b5

Code Sign

63:15:f8:e4:72:9c:cc:ab:41:84:fe:91:76:f2:bf:19Certificate

df:0d:cb:0b:81:db:68:cb:a2:b8:91:02:7b:0a:01:bf:d7:eb:62:87Signer

Headers

File Characteristics

Imports

ole32

kernel32

Sections

.text Size: 15KB - Virtual size: 14KB

.rdata Size: 402KB - Virtual size: 401KB

.data Size: 1KB - Virtual size: 87KB

.rsrc Size: 5KB - Virtual size: 5KB

63:15:f8:e4:72:9c:cc:ab:41:84:fe:91:76:f2:bf:19
Certificate

df:0d:cb:0b:81:db:68:cb:a2:b8:91:02:7b:0a:01:bf:d7:eb:62:87
Signer

.text
Size: 15KB - Virtual size: 14KB

.rdata
Size: 402KB - Virtual size: 401KB

.data
Size: 1KB - Virtual size: 87KB

.rsrc
Size: 5KB - Virtual size: 5KB