702d73a478cf26cfdb6ec02bcb94a8dd

Sharing

Copy URL Twitter E-mail

General

Target

702d73a478cf26cfdb6ec02bcb94a8dd
Size

29KB
MD5

702d73a478cf26cfdb6ec02bcb94a8dd
SHA1

a50ca9e93a24ae0c1617e72c35c5662b754f9ebb
SHA256

8f9012ca6f663c66ba59111880255de49c8faa51db4ec00d0c4c4bc37e714fb5
SHA512

504b1459671e0b8a75e55c067c1381cb67a467df6528cd35a8ebd9ca6ae0616857fa9fa2d64bfaf551d5628b2d1fe2b0fbc3ff7f62e32309b5439fcafdc7f8ea
SSDEEP

384:THlV9ZdgR85D2RQI9GmlG9oIkeoXeth1yvyheTloAbNK1nIa:THYuD2RQI9ReZtDMy8TlokNK1nR

Score

1^/10

Malware Config

Signatures

Files

702d73a478cf26cfdb6ec02bcb94a8dd
.exe windows:4 windows x86 arch:x86

fb8f244daf951df37b95330ccc211ce1

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

64:5c:de:cf:eb:7b:4a:2f:88:3b:7c:01:2f:74:80:86
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

25/10/2007, 00:00

Not After

24/10/2008, 23:59

Subject

CN=Olymp-Invest Ltd,OU=development,O=Olymp-Invest Ltd,L=Saint-Peterburg,ST=Saint-Peterburg,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetWindowsDirectoryA
WriteFile
CreateDirectoryA
GetVolumeInformationA
ExitProcess
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
FileTimeToLocalFileTime
GetProcAddress
GetOEMCP
GetACP
WinExec
GetModuleHandleA
GetModuleFileNameA
CopyFileA
CreateFileA
GetFileSize
GetCPInfo
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
LoadLibraryA
CloseHandle
HeapReAlloc
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

user32

wsprintfA
TranslateMessage
GetMessageA
IsWindowVisible
IsChild
IsZoomed
DispatchMessageA

advapi32

RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

wsock32

sendto
connect
socket
WSAStartup
ioctlsocket
htons
recvfrom

comctl32

InitCommonControlsEx

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb8f244daf951df37b95330ccc211ce1

Code Sign

01Certificate

0aCertificate

Extended Key Usages

Key Usages

64:5c:de:cf:eb:7b:4a:2f:88:3b:7c:01:2f:74:80:86Certificate

Extended Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wsock32

comctl32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 5KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 240B

01
Certificate

0a
Certificate

64:5c:de:cf:eb:7b:4a:2f:88:3b:7c:01:2f:74:80:86
Certificate

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 5KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 240B