4c775c131676f7dd3b5a32506955fe87

Sharing

Copy URL Twitter E-mail

General

Target

4c775c131676f7dd3b5a32506955fe87
Size

446KB
MD5

4c775c131676f7dd3b5a32506955fe87
SHA1

2eab758ea57785a1b0a3fac2be758b847b14ad0d
SHA256

91107bdfe31c71ac5e5f4edec900090c10eacbcbad2b460159615e8873ec7b34
SHA512

0b7283a9bffe3cea79f316eb4169346d2cc163d758ad5007b09f7aea840775974032c38f8e6dd9596a3f70176e7e6282022889bd19a47e9fdbb211458f50d689
SSDEEP

12288:GHzVJuB/J5Y/fpc6f0LQcUtSZs2VdF+RdU5:GH+B/J2/yYi5

Score

1^/10

Malware Config

Signatures

Files

4c775c131676f7dd3b5a32506955fe87
.exe windows:4 windows x86 arch:x86

b3615e2343b75cab4dd8f4306737b6c6

Code Sign

10:df:cc:c2:09:f0:7d:93:43:71:a8:0f:17:37:92:b3
Certificate

Issuer

CN=jezsghwiwbe

Not Before

20/01/2012, 18:55

Not After

31/12/2039, 23:59

Subject

CN=Yuinoil

d1:f2:57:f0:73:51:17:c8:2b:06:ae:e1:c7:09:21:e9:eb:7a:ce:b3
Signer

Actual PE Digest

d1:f2:57:f0:73:51:17:c8:2b:06:ae:e1:c7:09:21:e9:eb:7a:ce:b3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

ReadFmtUserTypeStg
StgCreateDocfileOnILockBytes
RevokeDragDrop
CoTreatAsClass
OleCreateDefaultHandler
MonikerCommonPrefixWith
CoGetStandardMarshal
OleRegGetUserType
OleSetContainedObject
FmtIdToPropStgName
CoUninitialize
CoGetMarshalSizeMax
CoRevokeMallocSpy
CoFreeAllLibraries

kernel32

GetFileType
GetStringTypeW
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapCreate
CompareStringA
OpenEventA
GetStringTypeA
OpenMutexA
VirtualAllocEx
GetThreadLocale
VirtualUnlock
InitializeCriticalSection
IsBadWritePtr
GetStartupInfoA
GetModuleHandleA
GetProcAddress
GetCommandLineA
GetVersion
ExitProcess
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
CloseHandle
CreateFileA
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
VirtualFree
HeapFree
RtlUnwind
WriteFile
VirtualAlloc
HeapReAlloc
SetStdHandle
SetEndOfFile
ReadFile
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
FlushFileBuffers

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zmf
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3615e2343b75cab4dd8f4306737b6c6

Code Sign

10:df:cc:c2:09:f0:7d:93:43:71:a8:0f:17:37:92:b3Certificate

d1:f2:57:f0:73:51:17:c8:2b:06:ae:e1:c7:09:21:e9:eb:7a:ce:b3Signer

Headers

File Characteristics

Imports

ole32

kernel32

Sections

.text Size: 26KB - Virtual size: 26KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 3KB - Virtual size: 102KB

.zmf Size: 404KB - Virtual size: 403KB

.rsrc Size: 5KB - Virtual size: 5KB

10:df:cc:c2:09:f0:7d:93:43:71:a8:0f:17:37:92:b3
Certificate

d1:f2:57:f0:73:51:17:c8:2b:06:ae:e1:c7:09:21:e9:eb:7a:ce:b3
Signer

.text
Size: 26KB - Virtual size: 26KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 3KB - Virtual size: 102KB

.zmf
Size: 404KB - Virtual size: 403KB

.rsrc
Size: 5KB - Virtual size: 5KB