7ec194c02af43c8191d355138560778c

Sharing

Copy URL

Twitter E-mail

General

Target

7ec194c02af43c8191d355138560778c
Size

294KB
MD5

7ec194c02af43c8191d355138560778c
SHA1

d8b7823272a3291d8b9f60f940640ebd34127b42
SHA256

104df0c008d15f97c3b364197c24e3ef6d0847ec0173ec5c1f954ef20956fa41
SHA512

0866bdcd2ab4f969ba47e692f21678ea8f1fce503737c029e6f35e1c99143ddaf8ef1417514d03411b866fb0dec40d8b53900bd23657a8fc5677a691f9b3cfde
SSDEEP

6144:JDpWemNSKKUtjZ3szfaWDGVVGlkUiXYguBFjVWwnWTH7h0B:VoeK5ZUDmdXYrV+rQ

Score

1^/10

Malware Config

Signatures

Files

7ec194c02af43c8191d355138560778c
.exe windows:4 windows x86 arch:x86

b6fb8c055202904ba5bef332616fec47

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

Issuer

CN=2352323

Not Before

11-02-2012 05:41

Not After

31-12-2039 23:59

Subject

CN=2352323

Extended Key Usages

ExtKeyUsageCodeSigning

83:56:e6:9b:e6:24:9c:41:08:61:c5:73:98:f1:d7:28:8d:69:f7:89
Signer

Actual PE Digest

83:56:e6:9b:e6:24:9c:41:08:61:c5:73:98:f1:d7:28:8d:69:f7:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
VirtualAlloc

user32

DdeInitializeA
BroadcastSystemMessageA
CreateWindowExW
MapVirtualKeyW
GetAltTabInfoW
GetDlgItem
SetWindowRgn
EnumPropsA
GetClassInfoExA
SetClipboardData
InsertMenuW
InSendMessage
DrawFocusRect
DrawIcon
GetForegroundWindow
SetRectEmpty
DdeCmpStringHandles
RegisterWindowMessageA
MapWindowPoints
MonitorFromPoint
WinHelpA
RemoveMenu
DdeFreeStringHandle
VkKeyScanExW
GetCursorPos
IMPSetIMEA
DdeQueryConvInfo
EqualRect
RemovePropW
SetClassLongA
CreateCursor
OpenWindowStationA
GetPropW
GetWindowContextHelpId
RemovePropA
GetUpdateRect
IsZoomed
PeekMessageW
EnumWindowStationsW
wsprintfW
RealChildWindowFromPoint
DragObject
SetDoubleClickTime
ToUnicode
UnloadKeyboardLayout
GetMenuBarInfo
GetScrollRange
SetMenuInfo
LookupIconIdFromDirectory
CharToOemW
SetUserObjectSecurity
DdeGetLastError
CreateIconFromResourceEx
GetDCEx
ReuseDDElParam
SetWindowsHookW
SetMenuDefaultItem
CharPrevExA
RealGetWindowClassA
RegisterDeviceNotificationA
SetMenuItemInfoA
SubtractRect
TranslateAccelerator
TrackPopupMenu
TileChildWindows
SetWindowPlacement
CreateDesktopA
SetWindowWord
DeferWindowPos
MessageBoxExW
GetMenuDefaultItem
DefDlgProcA
MessageBoxIndirectW
LoadImageW
SetScrollRange
GetClassInfoExW
GetNextDlgTabItem
IntersectRect
OffsetRect
CharToOemA
WaitForInputIdle
ChangeDisplaySettingsA
IsCharLowerA
SetForegroundWindow
PostMessageA
CharUpperW
SetProcessWindowStation
SetProcessDefaultLayout
SwitchDesktop
ActivateKeyboardLayout

advapi32

RegOpenKeyW

shell32

SHGetDataFromIDListW
SHGetFileInfo
DragQueryFile
SHGetSpecialFolderPathA
SHGetPathFromIDListW
SHCreateDirectoryExA
SHFileOperationW
SHGetFolderLocation
SHIsFileAvailableOffline
SHLoadNonloadedIconOverlayIdentifiers
SHGetIconOverlayIndexA
SHLoadInProc
SHGetDataFromIDListA
SHGetFolderPathA
SHGetSpecialFolderPathW
SHBrowseForFolderA
DragAcceptFiles
SHGetFileInfoA
SHGetDiskFreeSpaceExW
SHGetIconOverlayIndexW
SHGetInstanceExplorer
DragQueryFileAorW
FindExecutableW
SHGetDiskFreeSpaceExA
DragFinish
ExtractIconExW
ShellAboutW
SHQueryRecycleBinW
Shell_NotifyIconA
SHBindToParent
SHGetPathFromIDList
SHBrowseForFolder
FindExecutableA
SHFormatDrive
DragQueryPoint
SHGetSpecialFolderLocation
ShellExecuteW
SHChangeNotify
ShellHookProc
DragQueryFileW
ShellExecuteEx
ExtractAssociatedIconExW
ExtractIconExA
SHFileOperation
SHPathPrepareForWriteW
ShellExecuteA
ExtractAssociatedIconW
SHQueryRecycleBinA
SHPathPrepareForWriteA
SHFileOperationA
SHGetSettings
SHBrowseForFolderW
SHAppBarMessage
SHGetPathFromIDListA
SHCreateDirectoryExW
ShellExecuteExA
DoEnvironmentSubstW
SHCreateProcessAsUserW
SHEmptyRecycleBinA
SHInvokePrinterCommandW
SHGetFolderPathW
SHEmptyRecycleBinW
CheckEscapesW
ExtractIconEx
SHInvokePrinterCommandA
SHGetMalloc
ExtractAssociatedIconA
ShellExecuteExW
ExtractIconW

shlwapi

StrStrIW
StrStrW
StrChrA
StrRStrIW
StrStrA
StrCmpNIA
StrRChrW
StrRChrIA
StrChrIW
StrChrIA
StrRChrIW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textV2
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.textV1
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textV3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6fb8c055202904ba5bef332616fec47

Code Sign

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25Certificate

Extended Key Usages

83:56:e6:9b:e6:24:9c:41:08:61:c5:73:98:f1:d7:28:8d:69:f7:89Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

Sections

.text Size: 3KB - Virtual size: 3KB

.textV2 Size: 276KB - Virtual size: 275KB

.textF4 Size: 1KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.textV1 Size: 1024B - Virtual size: 1000B

.textV3 Size: 1024B - Virtual size: 1000B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1024B - Virtual size: 992B

7f:f5:10:74:37:ce:c2:45:bb:be:0d:12:5f:95:2f:25
Certificate

83:56:e6:9b:e6:24:9c:41:08:61:c5:73:98:f1:d7:28:8d:69:f7:89
Signer

.text
Size: 3KB - Virtual size: 3KB

.textV2
Size: 276KB - Virtual size: 275KB

.textF4
Size: 1KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.textV1
Size: 1024B - Virtual size: 1000B

.textV3
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size: 992B