566d92f857b8a790d34be4a63db3d452

Sharing

Copy URL Twitter E-mail

General

Target

566d92f857b8a790d34be4a63db3d452
Size

318KB
MD5

566d92f857b8a790d34be4a63db3d452
SHA1

c2dafba40ba737b8b7eaf8f1d8a5110bb7d23162
SHA256

248ef7cf55ba333899fff14e9d6ea8d0621f9a2c495edf5af243de845aa50524
SHA512

f2e7ef5b65538e7edd9de76a8d56a7a9bd2e4ec72c2f87b17cefe390555cab5e763eb64a7a41e8f9dcb422c465e439bf0e8fed77e7dc98cdc166c39bf53a8bb0
SSDEEP

6144:K/7nEQ0yyyOszpA0sUe6fFvs6eRLKue/KHgopIUEOD/YKB6EWL:ip0uNAXUe6fneRLKue/KHgF50Y9L

Score

1^/10

Malware Config

Signatures

Files

566d92f857b8a790d34be4a63db3d452
.exe windows:4 windows x86 arch:x86

88282de21e73b28f65a2d0868b5b843e

Code Sign

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/09/2014, 00:00

Not After

25/11/2015, 12:00

Subject

CN=Consortium ltd.,O=Consortium ltd.,L=Roseau,ST=Commonwealth of Dominica,C=DM

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9f:7c:32:a5:4e:6a:84:9f:d9:56:6c:9d:cc:34:1e:b8:f2:73:81:84
Signer

Actual PE Digest

9f:7c:32:a5:4e:6a:84:9f:d9:56:6c:9d:cc:34:1e:b8:f2:73:81:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

version

VerQueryValueW

kernel32

GetCurrentThreadId
WriteFile
GetCommandLineW
GetTickCount
GetSystemTimeAsFileTime
ExitProcess
VirtualAlloc
ReadFile
lstrcmpiA
LockResource
GetLastError
CloseHandle
CreateFileMappingA
GetCurrentProcess
GetModuleHandleA
GetVersion
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetStringTypeW
GetEnvironmentVariableA
GetFileType
TlsGetValue
GetStartupInfoA
GetVersionExA
DeleteFileW
GetModuleHandleW
GetProcAddress
GetCommandLineA
LCMapStringW
GetStringTypeA
GetUserDefaultLangID
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapFree
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA

user32

GetSystemMetrics
CreateWindowExA
EndPaint
RegisterClipboardFormatA
ShowWindow
RegisterClassExA
CreateDialogParamA
MessageBoxA

gdi32

SetBkColor
Rectangle

advapi32

GetUserNameA
AllocateAndInitializeSid

ole32

CoTaskMemAlloc
CoInitialize

oleaut32

SysAllocStringLen
SysReAllocStringLen

Sections

.text
Size: 268KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88282de21e73b28f65a2d0868b5b843e

Code Sign

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8Certificate

Extended Key Usages

Key Usages

9f:7c:32:a5:4e:6a:84:9f:d9:56:6c:9d:cc:34:1e:b8:f2:73:81:84Signer

Headers

File Characteristics

Imports

comctl32

version

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Sections

.text Size: 268KB - Virtual size: 264KB

.qdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 23KB

.rsrc Size: 28KB - Virtual size: 25KB

0a:0d:2d:fc:3d:7e:57:c8:be:2c:d7:91:bd:63:df:c8
Certificate

9f:7c:32:a5:4e:6a:84:9f:d9:56:6c:9d:cc:34:1e:b8:f2:73:81:84
Signer

.text
Size: 268KB - Virtual size: 264KB

.qdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 28KB - Virtual size: 25KB