80054001afe33630ae6a41228590c0a7

Sharing

Copy URL

Twitter E-mail

General

Target

80054001afe33630ae6a41228590c0a7
Size

244KB
MD5

80054001afe33630ae6a41228590c0a7
SHA1

1bc14526dd9605fc3b6ad67481e95aeefd5c4d29
SHA256

c67c0da4fbf62085a5d674bcf8379b44ba810179ff34334c94beaeb4d99d48fb
SHA512

215c7bac999252e026a78755c20d6ba3d7c0bb6e9aaad6068c6315f362399899637310b4f145865c7c45027bfacd64ec441d3a8d003f8359da462b5445c33868
SSDEEP

6144:HG4tOwXcgIgfSxdL4H7de+1hxpsc1eT5L:H5vciGade2xpsc1Gl

Score

1^/10

Malware Config

Signatures

Files

80054001afe33630ae6a41228590c0a7
.dll windows:5 windows x86 arch:x86

4a0e23978d09cb70cc46d9fc142df2d4

Code Sign

2b:13:45:f9:0b:6d:15:a1:4b:21:65:ae:76:5d:b6:bc
Certificate

Issuer

CN=twrtq

Not Before

05-02-2012 17:04

Not After

31-12-2039 23:59

Subject

CN=twrtq

Extended Key Usages

ExtKeyUsageCodeSigning

2f:c8:14:f7:2e:3e:e3:af:91:99:5a:d2:00:95:11:44:61:0d:49:8e
Signer

Actual PE Digest

2f:c8:14:f7:2e:3e:e3:af:91:99:5a:d2:00:95:11:44:61:0d:49:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
ExitProcess
CreateFileA
GetProcAddress
LoadLibraryA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
GetVersion
BackupSeek
CancelIo
CopyFileA
CopyFileW
CreateFileMappingW
CreateIoCompletionPort
CreateSemaphoreW
CreateTapePartition
CreateToolhelp32Snapshot
DeleteFileA
EnumCalendarInfoW
EnumDateFormatsW
EnumResourceTypesA
EnumSystemCodePagesW
EnumSystemLocalesA
EnumTimeFormatsA
EnumUILanguagesA
FatalExit
FileTimeToDosDateTime
FindCloseChangeNotification
FindFirstVolumeMountPointA
FindNextVolumeW
FormatMessageA
GetAtomNameA
GetCompressedFileSizeW
GetComputerNameExW
GetConsoleAliasA
GetConsoleAliasExesLengthA
GetConsoleAliasesW
GetConsoleOutputCP
GetConsoleTitleW
GetDefaultCommConfigW
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetEnvironmentVariableA
GetFileAttributesExA
GetFullPathNameW
GetLocaleInfoA
GetPrivateProfileStringA
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessTimes
GetStdHandle
GetStringTypeExW
GetSystemInfo
GetSystemPowerStatus
GetTempFileNameW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
GlobalDeleteAtom
GlobalFix
GlobalSize
Heap32ListNext
IsBadCodePtr
LocalFileTimeToFileTime
LocalReAlloc
LocalUnlock
LockResource
MoveFileA
MoveFileExW
OpenEventW
OpenThread
QueryInformationJobObject
ReadConsoleInputW
ReplaceFile
ReplaceFileA
ReplaceFileW
ResetEvent
ResumeThread
ScrollConsoleScreenBufferA
SetConsoleCursorPosition
SetConsoleTitleA
SetFileAttributesW
SetLastError
SetProcessAffinityMask
SetSystemTimeAdjustment
SetTapeParameters
SetThreadContext
SetThreadExecutionState
SetupComm
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateThread
TransactNamedPipe
UnhandledExceptionFilter
UnlockFileEx
VerSetConditionMask
WriteProfileSectionW
WriteProfileStringA
_llseek
_lopen
lstrcmpiW
lstrcpy

user32

LoadBitmapA
ArrangeIconicWindows
AttachThreadInput
BeginDeferWindowPos
BeginPaint
CallMsgFilterA
ChangeDisplaySettingsA
CharLowerA
CharToOemA
CheckDlgButton
ChildWindowFromPoint
ClientToScreen
CloseWindowStation
CopyAcceleratorTableW
CountClipboardFormats
CreateIconIndirect
CreateWindowStationW
DdeEnableCallback
DdeFreeStringHandle
DdeQueryNextServer
DefDlgProcA
DefFrameProcW
DialogBoxParamW
DlgDirListA
DrawEdge
DrawTextExA
DrawTextExW
EnumDisplayDevicesA
EnumDisplaySettingsExW
EnumWindowStationsA
FindWindowExW
GetAsyncKeyState
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClassLongW
GetClassNameA
GetClipboardOwner
GetDlgItemTextA
GetGUIThreadInfo
GetKeyNameTextW
GetKeyboardLayout
GetKeyboardType
GetLastInputInfo
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuInfo
GetParent
GetScrollRange
GetTopWindow
GetWindowLongW
IMPGetIMEW
IMPQueryIMEW
ImpersonateDdeClientWindow
IntersectRect
IsClipboardFormatAvailable
IsDialogMessageW
LoadAcceleratorsW
LoadCursorFromFileA
LoadCursorW
LoadKeyboardLayoutW
MessageBoxIndirectA
MonitorFromWindow
OemToCharA
PackDDElParam
PeekMessageA
RealGetWindowClass
RegisterHotKey
RegisterWindowMessageA
RemoveMenu
ScrollDC
ScrollWindowEx
SendInput
SendMessageA
SetActiveWindow
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMessageExtraInfo
SetParent
SetWinEventHook
SetWindowContextHelpId
SetWindowPos
SetWindowTextW
ShowCaret
ShowOwnedPopups
SubtractRect
SwitchToThisWindow
SystemParametersInfoA
ToUnicode
UnregisterDeviceNotification
UnregisterHotKey
ValidateRgn
WINNLSEnableIME
wvsprintfA

ole32

CLSIDFromString
CoAddRefServerProcess
CoBuildVersion
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoFreeUnusedLibraries
CoGetApartmentID
CoGetCallContext
CoGetClassVersion
CoGetInterfaceAndReleaseStream
CoGetMarshalSizeMax
CoInitializeEx
CoIsOle1Class
CoMarshalInterThreadInterfaceInStream
CoQueryReleaseObject
CoRegisterMessageFilter
CoRegisterSurrogateEx
CoRevertToSelf
CoSwitchCallContext
CoTaskMemAlloc
CoTaskMemRealloc
CoTestCancel
CoUnloadingWOW
CoUnmarshalInterface
CreateAntiMoniker
CreateBindCtx
CreateDataCache
CreateFileMoniker
CreateItemMoniker
CreateObjrefMoniker
CreatePointerMoniker
CreateStreamOnHGlobal
DoDragDrop
FmtIdToPropStgName
HACCEL_UserFree
HACCEL_UserMarshal
HACCEL_UserSize
HBITMAP_UserFree
HBRUSH_UserMarshal
HDC_UserMarshal
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserSize
HGLOBAL_UserMarshal
HICON_UserUnmarshal
HMENU_UserMarshal
HMENU_UserSize
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HPALETTE_UserUnmarshal
HWND_UserSize
HkOleRegisterObject
IsAccelerator
MkParseDisplayName
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
OleCreate
OleCreateFromData
OleCreateFromFileEx
OleCreateLinkToFile
OleCreateLinkToFileEx
OleGetClipboard
OleInitialize
OleLoad
OleLoadFromStream
OleNoteObjectVisible
OleQueryLinkFromData
OleRegEnumFormatEtc
OleRegEnumVerbs
OleRegGetUserType
OpenOrCreateStream
ReadClassStm
ReadStringStream
RevokeDragDrop
SNB_UserFree
SNB_UserMarshal
SNB_UserSize
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
StgConvertPropertyToVariant
StgOpenStorageEx
StringFromGUID2
UpdateDCOMSettings
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
WriteOleStg

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a0e23978d09cb70cc46d9fc142df2d4

Code Sign

2b:13:45:f9:0b:6d:15:a1:4b:21:65:ae:76:5d:b6:bcCertificate

Extended Key Usages

2f:c8:14:f7:2e:3e:e3:af:91:99:5a:d2:00:95:11:44:61:0d:49:8eSigner

Headers

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.text2 Size: 228KB - Virtual size: 227KB

.data Size: 512B - Virtual size: 104B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

2b:13:45:f9:0b:6d:15:a1:4b:21:65:ae:76:5d:b6:bc
Certificate

2f:c8:14:f7:2e:3e:e3:af:91:99:5a:d2:00:95:11:44:61:0d:49:8e
Signer

.text
Size: 9KB - Virtual size: 9KB

.text2
Size: 228KB - Virtual size: 227KB

.data
Size: 512B - Virtual size: 104B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB