79512740226bb52869feb97e8aab70fa

Sharing

Copy URL Twitter E-mail

General

Target

79512740226bb52869feb97e8aab70fa
Size

395KB
MD5

79512740226bb52869feb97e8aab70fa
SHA1

da6b5f4a5405b5d0e1a09cf8e3e333dca8a9a974
SHA256

18d76f8f08a6fbb8c409c217c012c0a7191c3950e12185bd22ed99477c5d13e1
SHA512

a804df48affc1a5bb802043ea8cc2a55baff19f54ed7b3f62a2cf3fd9d451d656bc863b4ece05c914dda6bbfa52c41409feec4b96dd42fff78b2365b2dc5f835
SSDEEP

12288:8WK9hT1T4HXnz1N6jDVA3ZpSjRht1X3+6bcO:sx1MXTku3XY/+VO

Score

1^/10

Malware Config

Signatures

Files

79512740226bb52869feb97e8aab70fa
.exe windows:4 windows x86 arch:x86

2d17529397c6e3bd999d295ed14abc3a

Code Sign

3e:e8:a2:cf:83:b0:3a:61:bd:44:04:01:ff:3d:e4:8c
Certificate

Issuer

CN=Root Agency

Not Before

29/10/2011, 05:44

Not After

31/12/2039, 23:59

Subject

CN=Joe's-Software-Emporium

a1:6d:c4:43:47:51:14:8c:ad:b0:54:d1:30:6c:e8:d7:94:95:a7:43
Signer

Actual PE Digest

a1:6d:c4:43:47:51:14:8c:ad:b0:54:d1:30:6c:e8:d7:94:95:a7:43

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

opengl32

glColor3ub
glVertex2i
glNormal3d
glTexCoord3s
glIndexPointer
glColor3dv
glMapGrid2f
glTexCoord4iv
glTexCoord1d

glu32

gluScaleImage
gluTessBeginContour
gluOrtho2D
gluBeginCurve
gluNewTess
gluPerspective
gluQuadricOrientation
gluUnProject
gluEndCurve

ole32

OleRun

urlmon

CreateFormatEnumerator

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

kernel32

CloseHandle
CreateFileA
GetLastError
GetProcAddress
GetModuleHandleA
ExitProcess
VirtualAlloc
GetStartupInfoA
ResetEvent
CreateEventA
GetUserDefaultLCID
OpenMutexA
GetCPInfo

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 373KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d17529397c6e3bd999d295ed14abc3a

Code Sign

3e:e8:a2:cf:83:b0:3a:61:bd:44:04:01:ff:3d:e4:8cCertificate

a1:6d:c4:43:47:51:14:8c:ad:b0:54:d1:30:6c:e8:d7:94:95:a7:43Signer

Headers

File Characteristics

Imports

opengl32

glu32

ole32

urlmon

msvcrt

kernel32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 373KB - Virtual size: 436KB

.rsrc Size: 5KB - Virtual size: 5KB

3e:e8:a2:cf:83:b0:3a:61:bd:44:04:01:ff:3d:e4:8c
Certificate

a1:6d:c4:43:47:51:14:8c:ad:b0:54:d1:30:6c:e8:d7:94:95:a7:43
Signer

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 373KB - Virtual size: 436KB

.rsrc
Size: 5KB - Virtual size: 5KB