721530e47b96623a18a77da1dee22be2

Sharing

Copy URL

Twitter E-mail

General

Target

721530e47b96623a18a77da1dee22be2
Size

75KB
MD5

721530e47b96623a18a77da1dee22be2
SHA1

935d5efb9937d23f9133aba4f83292bf127ca324
SHA256

f172b5f916dc497a9e4db6e5699a9dffeea9ea158260f61a814f5619c744c9a5
SHA512

0949762e69d79b9b2351c3789fb50eab3d39607e9c0a271a6df4b3e3edf38fbba564ed02a491295e5a585400a22ddf9e300172077bb64fd2f252cfc4e366fc27
SSDEEP

1536:FF9CxX81MCUyGYs3m2BG2vytaxIuMnt0chTE9ZcF/rhhdeSM:FF9C9KbdGyQyFnOpMdeS

Score

1^/10

Malware Config

Signatures

Files

721530e47b96623a18a77da1dee22be2
.exe windows:5 windows x86 arch:x86

6a6588e0964c292f6ac4705d9e739805

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

Issuer

CN=NCrG992VieeQ

Not Before

14/03/2012, 06:19

Not After

31/12/2039, 23:59

Subject

CN=NCrG992VieeQ

Extended Key Usages

ExtKeyUsageCodeSigning

4a:cd:b5:a4:54:6e:3b:35:33:d4:34:fc:ed:03:cf:2e:63:cf:32:94
Signer

Actual PE Digest

4a:cd:b5:a4:54:6e:3b:35:33:d4:34:fc:ed:03:cf:2e:63:cf:32:94

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
LoadLibraryA
CreateFileA
lstrlenA
GetWindowsDirectoryA
lstrcpyA
GetProcAddress

user32

ShowCaret
ShowOwnedPopups
SwitchToThisWindow
TabbedTextOutA
ToUnicode
UnhookWindowsHook
UnregisterHotKey
wsprintfW
SetWindowTextW
SetUserObjectSecurity
SetUserObjectInformationW
SetSystemCursor
SetScrollRange
SetMenuItemInfoW
SetMenuItemBitmaps
SetLayeredWindowAttributes
SetDeskWallpaper
SetClassLongW
SetCapture
ScrollWindow
ScrollDC
ReuseDDElParam
ReplyMessage
RemovePropW
RemoveMenu
RegisterHotKey
RegisterClassW
RegisterClassA
PostThreadMessageA
OpenDesktopA
NotifyWinEvent
MapVirtualKeyExW
BringWindowToTop
ChangeClipboardChain
ChangeDisplaySettingsW
ChangeMenuA
CharNextW
CharUpperBuffA
ChildWindowFromPointEx
CopyIcon
CreateDialogIndirectParamA
CreateMDIWindowW
MapDialogRect
DdeAccessData
DdeAddData
DdeDisconnect
DdeFreeStringHandle
DdeInitializeW
DdeQueryStringA
DdeReconnect
DdeUnaccessData
DdeUninitialize
DestroyWindow
DlgDirSelectComboBoxExW
DrawAnimatedRects
DrawFrame
DrawTextExW
EndPaint
EnumClipboardFormats
EnumDesktopsW
EnumDisplayMonitors
EnumDisplaySettingsW
FindWindowExW
GetAsyncKeyState
GetClassInfoExA
GetClassNameA
GetDlgItem
GetFocus
GetInputDesktop
GetKeyNameTextA
GetKeyboardType
GetMenuDefaultItem
GetMenuInfo
GetMenuItemCount
GetMenuItemID
GetMessageA
GetMessageTime
GetParent
GetScrollBarInfo
GetSubMenu
GetUpdateRgn
GetWindowContextHelpId
GetWindowPlacement
GetWindowThreadProcessId
IMPSetIMEA
IsCharAlphaW
IsDialogMessage
IsHungAppWindow
IsWindow
AppendMenuA
IsWindowEnabled
LoadIconA
LoadImageA
LoadKeyboardLayoutA
LoadMenuW

comdlg32

PageSetupDlgW
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
ChooseColorA
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW

advapi32

RegOpenKeyW

ole32

OleSaveToStream
OleTranslateAccelerator
ProgIDFromCLSID
ReadOleStg
RegisterDragDrop
ReleaseStgMedium
SNB_UserFree
SNB_UserUnmarshal
SetConvertStg
StgConvertVariantToProperty
StgGetIFillLockBytesOnFile
StgOpenAsyncDocfileOnIFillLockBytes
StgPropertyLengthAsVariant
StringFromCLSID
UtConvertDvtd16toDvtd32
UtGetDvtd16Info
UtGetDvtd32Info
WdtpInterfacePointer_UserFree
WdtpInterfacePointer_UserSize
WriteFmtUserTypeStg
WriteStringStream
OleRegGetMiscStatus
OleMetafilePictFromIconAndLabel
OleIsRunning
OleGetIconOfFile
OleDoAutoConvert
OleCreateLinkFromDataEx
OleCreateLinkEx
OleCreateLink
OleCreateEx
OleCreate
OleConvertOLESTREAMToIStorage
MonikerCommonPrefixWith
IsAccelerator
HkOleRegisterObject
HWND_UserSize
HMETAFILE_UserSize
HMETAFILE_UserMarshal
HMETAFILEPICT_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMENU_UserFree
HICON_UserUnmarshal
HGLOBAL_UserUnmarshal
HGLOBAL_UserSize
HDC_UserUnmarshal
HBRUSH_UserUnmarshal
HBRUSH_UserSize
HBITMAP_UserSize
HBITMAP_UserFree
HACCEL_UserMarshal
EnableHookObject
CreateObjrefMoniker
CreateDataAdviseHolder
CoUnmarshalInterface
CoUnmarshalHresult
CoTestCancel
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoSetCancelObject
CoReleaseServerProcess
CoRegisterPSClsid
CoRegisterClassObject
CoReactivateObject
CoQueryClientBlanket
CoMarshalInterface
CoMarshalInterThreadInterfaceInStream
CoIsOle1Class
CoInitializeWOW
CoGetTreatAsClass
CoGetPSClsid
CoGetInterfaceAndReleaseStream
CoGetCurrentLogicalThreadId
CoGetCallContext
CoFreeUnusedLibraries
CoDosDateTimeToFileTime
CoDisableCallCancellation
CoCreateInstanceEx
CoCancelCall
CoAllowSetForegroundWindow
CLIPFORMAT_UserSize
CLIPFORMAT_UserMarshal
OleCreateStaticFromData
CoGetInstanceFromFile

comctl32

ord8
CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindow
ord6
_TrackMouseEvent
UninitializeFlatSB
ord3
PropertySheetA
PropertySheet
ord2
ord13
ord14
InitializeFlatSB
InitMUILanguage
InitCommonControlsEx
ord17
ImageList_Write
ImageList_SetOverlayImage
ImageList_SetImageCount
ImageList_SetIconSize
ImageList_SetFilter
ImageList_SetDragCursorImage
ImageList_ReplaceIcon
ImageList_Remove
ImageList_Read
ImageList_LoadImageW
ImageList_LoadImageA
ImageList_LoadImage
ImageList_GetImageRect
ImageList_GetIconSize
ImageList_GetDragImage
ImageList_GetBkColor
ImageList_EndDrag
ImageList_Duplicate
ImageList_DrawIndirect
ImageList_DrawEx
ImageList_Draw
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_Destroy
ImageList_Create
ImageList_Copy
ImageList_BeginDrag
ImageList_AddIcon
ImageList_Add
ord4
FlatSB_ShowScrollBar
FlatSB_SetScrollPos
FlatSB_GetScrollRange
FlatSB_GetScrollProp
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
FlatSB_EnableScrollBar
DrawStatusTextW
ord5
DrawStatusText
ord15
DestroyPropertySheetPage
CreateToolbarEx
CreateStatusWindowW

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6a6588e0964c292f6ac4705d9e739805

Code Sign

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3bCertificate

Extended Key Usages

4a:cd:b5:a4:54:6e:3b:35:33:d4:34:fc:ed:03:cf:2e:63:cf:32:94Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

comctl32

Sections

.text Size: 12KB - Virtual size: 12KB

.text1 Size: 55KB - Virtual size: 54KB

.data Size: 1024B - Virtual size: 644B

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

1b:5d:65:19:a1:99:87:a7:49:c4:c9:0a:ec:f1:a3:3b
Certificate

4a:cd:b5:a4:54:6e:3b:35:33:d4:34:fc:ed:03:cf:2e:63:cf:32:94
Signer

.text
Size: 12KB - Virtual size: 12KB

.text1
Size: 55KB - Virtual size: 54KB

.data
Size: 1024B - Virtual size: 644B

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB