70220eb276a5903e7d09f04b587cb960

Sharing

Copy URL

Twitter E-mail

General

Target

70220eb276a5903e7d09f04b587cb960
Size

176KB
MD5

70220eb276a5903e7d09f04b587cb960
SHA1

7902f2d9d0c373a38d45dfeb1bde8345104d4615
SHA256

bec51ef5298233473f36854ffa4d4f5cad6282ff414339e710298a095829ad53
SHA512

9462f1c23aaf45f6fe26b2919b85e3d09923850f0d9f2ec7969d8ab880106fba5d9c69c7eaae332c09e8640b8a04b18eb012cf4312cc79b0c287c94f4f9b328e
SSDEEP

3072:bd+R0L5iwelGCh9EyNUXkuUbxDaihr68c6loTwrjDAd7VS12qT8M23M2N+f62Bys:oSgwBCUkJpWasS0dYgYByxXowk

Score

1^/10

Malware Config

Signatures

Files

70220eb276a5903e7d09f04b587cb960
.exe windows:4 windows x86 arch:x86

b79a2e9b945e7165b2166fa98e7c2334

Code Sign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

70:39:94:f6:41:c1:81:1b:b6:d5:aa:ac:bf:a1:05:c1
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

25-11-2016 00:00

Not After

24-02-2019 23:59

Subject

CN=Digital River\, Inc.,OU=eSellerate,O=Digital River\, Inc.,L=Minnetonka,ST=Minnesota,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

36:4e:7c:ce:60:dd:a5:1e:c1:4f:e5:77:15:50:b0:96:c4:05:b6:c2
Signer

Actual PE Digest

36:4e:7c:ce:60:dd:a5:1e:c1:4f:e5:77:15:50:b0:96:c4:05:b6:c2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetSetCookieA

kernel32

CompareFileTime
FreeLibrary
GetLastError
CloseHandle
GetExitCodeProcess
Sleep
OpenProcess
SetLastError
GetProcAddress
LoadLibraryA
GetVersion
GetFileAttributesA
FindFirstFileA
_lwrite
_lread
CreateProcessA
lstrlenA
lstrcatA
HeapFree
GetLogicalDriveStringsA
GetDriveTypeA
GetDiskFreeSpaceA
RemoveDirectoryA
_lclose
_lcreat
CreateDirectoryA
DeleteFileA
GetTempFileNameA
GetTempPathA
_llseek
_lopen
GetModuleFileNameA
SetStdHandle
GetSystemInfo
VirtualProtect
GetLocaleInfoA
VirtualQuery
GetProcessHeap
HeapAlloc
HeapReAlloc
FlushFileBuffers
FormatMessageA
HeapSize
lstrcpyA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
GetACP
GetOEMCP
GetCPInfo
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
RtlUnwind
InterlockedExchange

user32

PeekMessageA
TranslateMessage
DispatchMessageA
MessageBoxA

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyExA
RegCloseKey

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b79a2e9b945e7165b2166fa98e7c2334

Code Sign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

70:39:94:f6:41:c1:81:1b:b6:d5:aa:ac:bf:a1:05:c1Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

36:4e:7c:ce:60:dd:a5:1e:c1:4f:e5:77:15:50:b0:96:c4:05:b6:c2Signer

Headers

File Characteristics

Imports

wininet

kernel32

user32

advapi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 1KB

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

70:39:94:f6:41:c1:81:1b:b6:d5:aa:ac:bf:a1:05:c1
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

36:4e:7c:ce:60:dd:a5:1e:c1:4f:e5:77:15:50:b0:96:c4:05:b6:c2
Signer

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 1KB