4e49ab306b1295ad408e28c377e59421

Sharing

Copy URL Twitter E-mail

General

Target

4e49ab306b1295ad408e28c377e59421
Size

60KB
MD5

4e49ab306b1295ad408e28c377e59421
SHA1

b5983063c7378307af23194bca0f86ee0b099846
SHA256

c0c148f1ce495ea367e5f35cb7974e17216f720dd3836f0d5658308f90349aea
SHA512

749806269ff0ba49717506360013a2058d14735d016834e3e9250f78af408fab37f30663866586297715862ced978fcad5d617943bcfc340d27217dc415d34d9
SSDEEP

1536:qZNSvAR0DPtoltpbtIn7rf8VtISL2aVPPMeMo:qzRRCobt0ctPMeMo

Score

1^/10

Malware Config

Signatures

Files

4e49ab306b1295ad408e28c377e59421
.exe windows:4 windows x86 arch:x86

cc6f790f43d3b6e7edc2f1b09317f725

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

Issuer

CN=UD48SN2pZFYF

Not Before

13/03/2012, 06:18

Not After

31/12/2039, 23:59

Subject

CN=UD48SN2pZFYF

Extended Key Usages

ExtKeyUsageCodeSigning

b3:a8:7f:45:6e:bc:69:6f:97:96:0f:0b:f3:2e:32:40:ab:5a:7e:d8
Signer

Actual PE Digest

b3:a8:7f:45:6e:bc:69:6f:97:96:0f:0b:f3:2e:32:40:ab:5a:7e:d8

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
VirtualAlloc
GetComputerNameA
WaitForSingleObject
CreateProcessA
CreateDirectoryExW
SignalObjectAndWait
GetProfileSectionW
BindIoCompletionCallback
ExitThread
SetVolumeMountPointA
FreeUserPhysicalPages
QueryDosDeviceW
GetCommState
SetLastError
SystemTimeToTzSpecificLocalTime
OpenWaitableTimerA
BackupWrite
FindFirstFileW
_hwrite
CommConfigDialogW
EnumResourceTypesA
DisableThreadLibraryCalls
QueryInformationJobObject
SetConsoleCursor
FindFirstFileExW
GetUserDefaultUILanguage
GetVolumePathNameW
FatalExit
GetProfileSectionA
CreateConsoleScreenBuffer
WritePrivateProfileStringA
VerifyVersionInfoA
WaitNamedPipeA
GetProfileIntW
ConnectNamedPipe
Module32First
InterlockedIncrement
FindNextFileA
Process32FirstW
GetCPInfoExW
Module32FirstW
GetTapeParameters
QueryDosDeviceA
PostQueuedCompletionStatus
SetHandleCount
IsBadStringPtrW
_hread
HeapSize
GetProcAddress
SetTapePosition
GetEnvironmentStrings
SleepEx
RtlMoveMemory
LocalFlags
AddConsoleAliasA
VirtualQueryEx
RaiseException
EraseTape
HeapDestroy
LocalShrink
GetTapeStatus
GetConsoleDisplayMode
GetThreadLocale
UnlockFileEx
GetVolumeNameForVolumeMountPointA
ReadProcessMemory
OpenThread
FindNextChangeNotification
GetPrivateProfileIntW
SetFileApisToANSI
SetProcessPriorityBoost
GetPrivateProfileStructA
GetFileSize
IsProcessorFeaturePresent
GetTempFileNameW
FindNextVolumeMountPointA
EnumDateFormatsExA
ExitProcess
ReadConsoleOutputCharacterA
LocalFileTimeToFileTime
SetThreadPriority
IsBadStringPtrA
SetSystemTime
ContinueDebugEvent
HeapLock
Heap32ListFirst
GetVolumePathNameA
lstrcpynW
LocalLock
GetFileAttributesExA
HeapValidate
GetSystemDirectoryA
GetExitCodeThread
AllocConsole
GetConsoleFontSize
GetDiskFreeSpaceExA
SetEndOfFile
GetAtomNameW

user32

LoadIconA
SendDlgItemMessageA
SetUserObjectInformationA
CreateDialogIndirectParamA
InvalidateRgn
FindWindowA
GetScrollBarInfo
TileWindows
BringWindowToTop
GetAncestor
VkKeyScanExA
ChangeDisplaySettingsW
ReplyMessage
SetMessageExtraInfo
ChildWindowFromPointEx
SendMessageCallbackA
GetDCEx
ChangeDisplaySettingsExW
IMPSetIMEA
GetWindowTextW
HideCaret
IMPQueryIMEA
EndDialog
SetWindowPos
DdeReconnect
CallWindowProcW
GetMenuDefaultItem
EnumChildWindows
ExitWindowsEx
ModifyMenuW
CreateIconFromResource
SetWindowsHookExW
RegisterDeviceNotificationW
SetDlgItemTextA
SetWindowPlacement
DestroyMenu
RegisterClassExA
MessageBoxA
SetWindowWord
FindWindowW
WinHelpA
SetScrollPos
wvsprintfW
ToAscii
MapDialogRect
SetFocus
UnregisterHotKey
TrackPopupMenuEx
IMPSetIMEW
GetUpdateRect
DrawTextW
GetMenuBarInfo
EndPaint
CopyIcon
SetProcessDefaultLayout
LoadBitmapW
SetMenu
GetMenuContextHelpId
GetCursorInfo
DialogBoxParamA
AnimateWindow
DragObject
SendNotifyMessageW
RemoveMenu
DdeFreeStringHandle
OemToCharW
OpenIcon
IsDlgButtonChecked
CallWindowProcA
GetClipboardViewer
CreateDialogIndirectParamW
CallNextHookEx
mouse_event
DlgDirSelectExA
UpdateLayeredWindow
GetClassNameA
CreateMenu
DdePostAdvise
GetMenuItemCount
SetLayeredWindowAttributes
GetMenuItemInfoA
PostMessageW
CreateDesktopW
SendInput
PackDDElParam
SwitchToThisWindow
GetDlgItemInt
CharPrevW
DlgDirSelectComboBoxExA

advapi32

RegOpenKeyExA
RegQueryValueExA

ole32

HMETAFILEPICT_UserUnmarshal
OleCreateFromFile
StgConvertPropertyToVariant
OleDuplicateData
OleCreateLinkToFile
CoInitializeWOW
OleQueryLinkFromData
CoCreateObjectInContext
OleCreateFromFileEx
CoCreateInstanceEx
HMENU_UserUnmarshal
SNB_UserSize
OleSetAutoConvert
HGLOBAL_UserSize
ReadClassStg
CoFreeLibrary
CoCreateInstance
OleSetContainedObject
CoSwitchCallContext
OleBuildVersion
StgOpenStorageOnILockBytes
CoRegisterPSClsid
HENHMETAFILE_UserFree
PropStgNameToFmtId
OleCreateLinkFromData
CoResumeClassObjects
CoTaskMemFree
CoFileTimeToDosDateTime
CoDosDateTimeToFileTime
CoGetInstanceFromIStorage
HGLOBAL_UserUnmarshal
CoCancelCall
OleDestroyMenuDescriptor
HPALETTE_UserFree
CoImpersonateClient
UtGetDvtd32Info
CoGetCurrentProcess
HICON_UserUnmarshal
CoInstall
StgCreateStorageEx
DllGetClassObjectWOW
CoInitialize
CoRegisterMessageFilter
ReadClassStm
WdtpInterfacePointer_UserMarshal
OleLoadFromStream
CoRevokeMallocSpy
CoUnmarshalInterface
GetConvertStg
HBRUSH_UserUnmarshal
UtConvertDvtd16toDvtd32
CreateFileMoniker
OleCreate
CoRegisterClassObject
HkOleRegisterObject
StgIsStorageILockBytes
BindMoniker
StgCreateDocfileOnILockBytes
HPALETTE_UserUnmarshal
HPALETTE_UserSize
OleSetClipboard
CoFileTimeNow
CreateGenericComposite
OleConvertIStorageToOLESTREAM
OleCreateFromDataEx
OpenOrCreateStream
CoMarshalInterThreadInterfaceInStream
HWND_UserFree
HWND_UserUnmarshal
CoGetCancelObject
StgOpenStorage
HICON_UserFree
OleQueryCreateFromData
CoLockObjectExternal
ReleaseStgMedium
STGMEDIUM_UserSize
HMETAFILEPICT_UserFree
CoAllowSetForegroundWindow
CoSetCancelObject
CoGetMalloc
OleSetMenuDescriptor

Sections

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc6f790f43d3b6e7edc2f1b09317f725

Code Sign

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1Certificate

Extended Key Usages

b3:a8:7f:45:6e:bc:69:6f:97:96:0f:0b:f3:2e:32:40:ab:5a:7e:d8Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.data Size: 8KB - Virtual size: 7KB

.text Size: 46KB - Virtual size: 46KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1KB - Virtual size: 1KB

5a:9e:b3:65:ce:d2:dc:4a:b8:18:06:e0:1b:eb:e0:a1
Certificate

b3:a8:7f:45:6e:bc:69:6f:97:96:0f:0b:f3:2e:32:40:ab:5a:7e:d8
Signer

.data
Size: 8KB - Virtual size: 7KB

.text
Size: 46KB - Virtual size: 46KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB