56681ada29622d9038ce4672424d98c7

Sharing

Copy URL

Twitter E-mail

General

Target

56681ada29622d9038ce4672424d98c7
Size

293KB
MD5

56681ada29622d9038ce4672424d98c7
SHA1

c0573ba87af065ec42ded136c1621a9bb54ca4b5
SHA256

14ae5fb1b00525a6035f46ddb9ab6698a7f83d60bf2436e48983fdd4ea0234d0
SHA512

8689649178c0bafdadf8414bc49f852d7d7b046c0fc9c3938fa9e7f6374a3c54b2d90150e46249a1d8136f0580a1d72834e97280bb5dc6f3f0492abed6371fce
SSDEEP

6144:ePdMXMANEVzGlcEDUl4qaRYVQcJTGbusJRhgnGXccD7Xm2BeddhMHeEYHl:BNEh8cSLqdnsisDhgnGHBBedDMJYF

Score

1^/10

Malware Config

Signatures

Files

56681ada29622d9038ce4672424d98c7
.exe windows:4 windows x86 arch:x86

001acfa1c7ef8aa1a8bdc2548f818da7

Code Sign

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77
Certificate

Issuer

CN=ggggggggg

Not Before

17-01-2012 12:30

Not After

31-12-2039 23:59

Subject

CN=ggggggggg

Extended Key Usages

ExtKeyUsageCodeSigning

b3:07:22:e6:99:32:74:72:66:9a:85:55:98:85:6f:69:33:52:c7:d2
Signer

Actual PE Digest

b3:07:22:e6:99:32:74:72:66:9a:85:55:98:85:6f:69:33:52:c7:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
SetThreadLocale
GetDateFormatW
GlobalMemoryStatus
SetThreadPriorityBoost
SetTapePosition
LocalLock
lstrcmpi
GenerateConsoleCtrlEvent
FreeConsole
MoveFileWithProgressA
GetVersionExA
SetConsoleActiveScreenBuffer
BindIoCompletionCallback
ChangeTimerQueueTimer
GetFileSize
IsDebuggerPresent
SetFileAttributesA
GetQueuedCompletionStatus
GetExitCodeThread
MoveFileWithProgressW
HeapUnlock
GetCommState
ReadConsoleOutputA
GetConsoleTitleW
GetProcessHeap
WaitCommEvent
LocalSize
GlobalFindAtomW
GlobalFlags
OpenProcess
GetVersionExW
OpenFileMappingW
GetProcAddress
FormatMessageA
HeapWalk
GetFileAttributesA
SetMailslotInfo
EndUpdateResourceA
lstrcpyW
PurgeComm
EnumResourceNamesW
GlobalAddAtomA
GetACP
SetDefaultCommConfigA
VerSetConditionMask
CompareStringW
GetPrivateProfileSectionNamesA
Thread32First
GetLocaleInfoA
GlobalGetAtomNameA
QueryDosDeviceW
HeapLock
SetEndOfFile
GetProcessShutdownParameters
IsBadStringPtrA
FindFirstVolumeW
LoadLibraryExA
GetFileAttributesExA
QueryPerformanceCounter
SetEnvironmentVariableW
GetCommandLineA
EnumDateFormatsExA
CancelWaitableTimer
WriteProfileStringA
RtlUnwind
GetCPInfo
lstrcpy
GetLastError
GetStartupInfoA
VirtualLock
GetVolumePathNameA
CreateTimerQueueTimer
HeapSize
SetConsoleMode
_lwrite
HeapAlloc
OpenWaitableTimerA
CreateSemaphoreW
FillConsoleOutputCharacterW
CreateNamedPipeW
CommConfigDialogA
GetCompressedFileSizeW
SetCommMask
ScrollConsoleScreenBufferA
CreateMutexA
CreateRemoteThread
IsBadReadPtr
FindNextVolumeA
InterlockedIncrement
GetThreadSelectorEntry
WideCharToMultiByte
FreeEnvironmentStringsA
VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetModuleHandleA

user32

GetCaretPos
GetClipCursor
SetPropW
InvalidateRect
UnregisterDeviceNotification
GetDesktopWindow
DestroyWindow
FrameRect
PostMessageA
DdeUninitialize
SetUserObjectInformationW
CreateAcceleratorTableA
GetMenuStringA
CountClipboardFormats
CloseWindowStation
RealGetWindowClassW
CharToOemBuffA
GetWindowDC
RegisterDeviceNotificationW
CharLowerA
GetClassWord
GetAsyncKeyState
SendInput
SetLayeredWindowAttributes
LookupIconIdFromDirectoryEx
IsDlgButtonChecked
AppendMenuW
ChangeMenuW
OemKeyScan
FillRect
OemToCharBuffA
SetProcessDefaultLayout
SetKeyboardState
GetAltTabInfo
RegisterWindowMessageW
EnumThreadWindows
RegisterClassExA
GetWindowModuleFileName
GetKeyboardLayout
DrawTextW
CreatePopupMenu
SendDlgItemMessageA
ChildWindowFromPointEx
SetMessageQueue
DdeSetUserHandle
SetCursor
GetClipboardFormatNameA
ScrollWindowEx
OemToCharW
SetDoubleClickTime
DrawFrame
IsWindowVisible
ChangeDisplaySettingsA
GetDlgItemInt
GetKeyboardLayoutList
LoadAcceleratorsA
CharToOemW
UpdateWindow
GetIconInfo
SetLastErrorEx
RegisterClassA
IMPSetIMEA
ModifyMenuW
GetListBoxInfo
RegisterClipboardFormatW
SetDlgItemTextW
SetWindowLongA
EnumChildWindows
IsIconic
GetMenuItemCount
ValidateRect
CreateIcon
IsRectEmpty
GetKeyboardLayoutNameA
GetWindow
MsgWaitForMultipleObjects
CreateDialogParamW
GetPropA
GetDCEx
GetDC
IsWindow
CloseWindow
GetDlgItem
CharPrevExA
GetPropW
GetShellWindow
IsDialogMessageA
LoadIconA

advapi32

RegOpenKeyExW

ole32

HMETAFILEPICT_UserFree
HICON_UserUnmarshal
CoGetPSClsid
CoRevertToSelf
WdtpInterfacePointer_UserFree
SetConvertStg
CoGetMalloc
OleSaveToStream
CLSIDFromString
StgOpenStorageOnILockBytes
CoUninitialize
CoMarshalHresult
CoGetInterfaceAndReleaseStream
UtGetDvtd32Info
CoRegisterPSClsid
OleCreateFromDataEx
CoDisableCallCancellation
OleCreateFromFileEx
MkParseDisplayName
CreateStdProgressIndicator
OleConvertIStorageToOLESTREAMEx
OleCreateEmbeddingHelper
HMETAFILE_UserSize
HBITMAP_UserMarshal
OleQueryLinkFromData
PropStgNameToFmtId
GetClassFile
OleLoad
FreePropVariantArray
GetConvertStg
HWND_UserUnmarshal
CoGetStdMarshalEx
OleSetMenuDescriptor
CoGetInstanceFromIStorage
WriteOleStg
HENHMETAFILE_UserFree
CoGetCurrentProcess
HMETAFILE_UserFree
OleRegEnumFormatEtc
HENHMETAFILE_UserMarshal
OleRegGetUserType
OleLoadFromStream
ProgIDFromCLSID
HkOleRegisterObject
UtConvertDvtd16toDvtd32
CoGetInstanceFromFile
WriteClassStg
CoLoadLibrary
CoAddRefServerProcess
CoQueryProxyBlanket
ReadClassStg
CoRevokeMallocSpy
HBRUSH_UserFree
CoGetCallerTID
CoGetMarshalSizeMax
HMETAFILEPICT_UserUnmarshal
CoAllowSetForegroundWindow
CoTaskMemFree
CoQueryClientBlanket
OleCreateDefaultHandler
HGLOBAL_UserSize
CoBuildVersion
CoCancelCall
HICON_UserSize
StgCreateDocfile
CoSuspendClassObjects
EnableHookObject
OleDraw
OleConvertOLESTREAMToIStorageEx
MonikerCommonPrefixWith
OleSetContainedObject
CLIPFORMAT_UserSize
HGLOBAL_UserFree
SNB_UserFree
CoRegisterSurrogate
HPALETTE_UserSize
CoReleaseMarshalData
OleNoteObjectVisible
CoTaskMemRealloc
CoTreatAsClass
StgCreatePropStg
OleDoAutoConvert
OleTranslateAccelerator
SetDocumentBitStg
CoGetObjectContext

Sections

.text
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

001acfa1c7ef8aa1a8bdc2548f818da7

Code Sign

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77Certificate

Extended Key Usages

b3:07:22:e6:99:32:74:72:66:9a:85:55:98:85:6f:69:33:52:c7:d2Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 259KB - Virtual size: 258KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 1KB - Virtual size: 1KB

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77
Certificate

b3:07:22:e6:99:32:74:72:66:9a:85:55:98:85:6f:69:33:52:c7:d2
Signer

.text
Size: 259KB - Virtual size: 258KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 1KB - Virtual size: 1KB