8819400b069741b2825f42866b829403

Sharing

Copy URL

Twitter E-mail

General

Target

8819400b069741b2825f42866b829403
Size

277KB
MD5

8819400b069741b2825f42866b829403
SHA1

22aff8fb92fe1b841833067d3f4f2733bd516788
SHA256

129f269bfa75ab836e642592988ba7fb203d573e25262b81e4a51d1b09a9a4ca
SHA512

94944cecaf33f683df55b2dc77de0faff6d063033d5d4183a5579a089c7ce0db86b11af26ea46faa352c02f4922b9b602289ebc378b27656cb46154306ba2db5
SSDEEP

6144:84b3G6rzysDrwsSSYskrD77q3UwQi7WQCAEzov:8o2TkrwsSSYHn77OUZi7LCTo

Score

1^/10

Malware Config

Signatures

Files

8819400b069741b2825f42866b829403
.exe windows:4 windows x86 arch:x86

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

Issuer

CN=SDOkUGUnMWwv

Not Before

15-03-2012 10:39

Not After

31-12-2039 23:59

Subject

CN=SDOkUGUnMWwv

Extended Key Usages

ExtKeyUsageCodeSigning

e8:2b:94:b7:0e:e9:e5:bc:1a:48:c9:65:53:71:99:30:d9:8d:d7:72
Signer

Actual PE Digest

e8:2b:94:b7:0e:e9:e5:bc:1a:48:c9:65:53:71:99:30:d9:8d:d7:72

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
LoadLibraryW
CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
DnsHostnameToComputerNameA
CreateDirectoryA
HeapCompact
EnumUILanguagesA
ReadConsoleInputA
GetLocalTime
SetConsoleTitleA
FindFirstFileExW
SetFilePointerEx
GetStringTypeA
GetSystemTimeAdjustment
GetCompressedFileSizeW
GlobalGetAtomNameW
GetConsoleAliasExesLengthA
ExpandEnvironmentStringsA
GetProcessVersion
DeleteCriticalSection
SetConsoleTextAttribute
DisconnectNamedPipe
CreateMailslotW
IsSystemResumeAutomatic
FlushFileBuffers
GetSystemWindowsDirectoryW
SetComputerNameExW
WriteConsoleA
ReadConsoleOutputAttribute
ResetEvent
ChangeTimerQueueTimer
IsBadWritePtr
lstrcpyn
Module32Next
GetThreadLocale
WriteProfileStringW
WriteConsoleInputW
VerifyVersionInfoA
GetTapePosition
GetSystemTimeAsFileTime
GetVersionExW
GetProcessHeap
SetTapePosition
SetVolumeLabelA
FreeUserPhysicalPages
LocalHandle
GlobalFindAtomW
CreateThread
CreateTimerQueueTimer
GlobalMemoryStatusEx
GlobalAlloc
GetProcessAffinityMask
IsProcessorFeaturePresent
OpenWaitableTimerW
SetComputerNameExA
GetDiskFreeSpaceW
FindFirstChangeNotificationA
GetBinaryTypeA
GetCPInfoExA
Thread32First
FindFirstChangeNotificationW
FindCloseChangeNotification
GetMailslotInfo
GetPrivateProfileSectionA
SetThreadPriority
SetVolumeMountPointW
VirtualQueryEx
SetSystemPowerState
CreateSemaphoreW
SetThreadContext
SetErrorMode
GetTapeParameters
CreateConsoleScreenBuffer
DisableThreadLibraryCalls
TlsSetValue
TerminateJobObject
GetCommandLineW
GlobalUnWire
DosDateTimeToFileTime
GetCompressedFileSizeA
CreateNamedPipeA
GetConsoleCP
DeleteFileW
PrepareTape
BeginUpdateResourceA
Beep
GetBinaryType
HeapReAlloc
SetCurrentDirectoryW
MapUserPhysicalPages
GetEnvironmentVariableA
GetSystemPowerStatus
ReadFileScatter
GetPrivateProfileStructA
OpenEventA
GetConsoleAliasExesA
SetThreadAffinityMask

user32

SetCursor
GetWindowTextW
GetClipboardFormatNameA
EnumDisplaySettingsExA
GetClassWord
RegisterClipboardFormatW
TranslateAcceleratorA
LoadImageW
GetClassLongW
GetDoubleClickTime
DdeCreateStringHandleA
EditWndProc
DrawIconEx
GetClassNameA
DdeEnableCallback
BeginDeferWindowPos
GetIconInfo
OpenWindowStationA
SetDlgItemTextA
GetMouseMovePointsEx
WINNLSGetIMEHotkey
IsDialogMessageA
EnumPropsA
SetScrollRange
GetScrollRange
DestroyMenu
DdeQueryConvInfo
GetMenuItemRect
SetUserObjectSecurity
EnumDisplaySettingsW
SetMessageQueue
GetMessagePos
SetCaretPos
DdeInitializeW
GetThreadDesktop
RegisterWindowMessageW
CharUpperW
GetWindowThreadProcessId
GetCursor
FlashWindowEx
DrawTextExW
AllowSetForegroundWindow
TrackPopupMenuEx
UnregisterClassA
DlgDirSelectExA
GetUpdateRgn
FreeDDElParam
GetClipboardData
WaitMessage
SendMessageCallbackW
IsHungAppWindow
GetKeyNameTextW
SendMessageW
WinHelpW
LoadMenuIndirectW
SetSysColors
GetClipboardOwner
GetNextDlgTabItem
GetKeyboardLayoutNameA
CharPrevExA
GetWindowLongW
SetRect
IsCharAlphaNumericA
CreateIconFromResource
DdeFreeDataHandle
CharLowerW
SetWinEventHook
SetThreadDesktop
DdeReconnect
SetMessageExtraInfo
CheckMenuItem
CreateCursor
DdeQueryStringW
SetDoubleClickTime
ReuseDDElParam
GetTabbedTextExtentW
InsertMenuItemW
DdeGetLastError
MonitorFromWindow
GrayStringW
CreateWindowStationA
CharUpperBuffA
wsprintfW
VkKeyScanW
InvalidateRgn
GetAncestor
CountClipboardFormats
WindowFromPoint
UserHandleGrantAccess
UnloadKeyboardLayout
GetDlgItemInt
SwitchDesktop
CreateDialogIndirectParamW
SendMessageA
RegisterWindowMessageA
TranslateMDISysAccel

comdlg32

PrintDlgA
PrintDlgExW
GetOpenFileNameW
ChooseFontA
GetSaveFileNameW
GetSaveFileNameA
ChooseFontW
PageSetupDlgW
ReplaceTextW
CommDlgExtendedError
ChooseColorA
GetFileTitleA
GetFileTitleW
ReplaceTextA
GetOpenFileNameA
PrintDlgExA
PrintDlgW
FindTextA
ChooseColorW
PageSetupDlgA
FindTextW

advapi32

RegOpenKeyExW

comctl32

ImageList_Remove
ord13
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_DragEnter
ImageList_GetImageInfo
InitMUILanguage
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
ImageList_Destroy
ImageList_Duplicate
ImageList_DragLeave
CreateStatusWindowW
ImageList_DrawEx
InitializeFlatSB
ImageList_DragShowNolock
FlatSB_SetScrollInfo
CreatePropertySheetPageW
ImageList_BeginDrag
ImageList_LoadImageA
ord6
ord4
ImageList_LoadImageW
ImageList_GetImageRect
CreateToolbarEx
InitCommonControlsEx
ord14
GetMUILanguage
ImageList_GetIcon
ImageList_DrawIndirect
_TrackMouseEvent
ord7
CreatePropertySheetPage
ImageList_Replace
CreateStatusWindow
ImageList_DragMove
ImageList_SetBkColor
ImageList_SetDragCursorImage
ImageList_SetFilter
PropertySheetW
ImageList_EndDrag
ImageList_Read
ord17
ImageList_Create
FlatSB_GetScrollProp
FlatSB_SetScrollProp
ord2
ImageList_SetImageCount
ord3
ImageList_Copy
FlatSB_SetScrollRange
DrawStatusText
ImageList_Draw
ImageList_GetDragImage
UninitializeFlatSB
CreatePropertySheetPageA
ImageList_Add

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

d4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d2
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ef916ac15c55cbd600f3413a6974ca2

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6aCertificate

Extended Key Usages

e8:2b:94:b7:0e:e9:e5:bc:1a:48:c9:65:53:71:99:30:d9:8d:d7:72Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

d4 Size: 1024B - Virtual size: 1000B

d3 Size: 1024B - Virtual size: 1000B

d2 Size: 258KB - Virtual size: 257KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

e8:2b:94:b7:0e:e9:e5:bc:1a:48:c9:65:53:71:99:30:d9:8d:d7:72
Signer

.text
Size: 4KB - Virtual size: 3KB

d4
Size: 1024B - Virtual size: 1000B

d3
Size: 1024B - Virtual size: 1000B

d2
Size: 258KB - Virtual size: 257KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB