8a08086990b8b3ab5ce013c324515e98

Sharing

Copy URL Twitter E-mail

General

Target

8a08086990b8b3ab5ce013c324515e98
Size

637KB
MD5

8a08086990b8b3ab5ce013c324515e98
SHA1

d316d6a36d88f61f3f7c5e04702fffb129a7e1b0
SHA256

a23f9d22cd5d33e7ecb042caa316f3d6e78cc34011425e886248191013350bd7
SHA512

6126177493249d300886b28d52eda9dc345967a878485ea8aa9de8484b4a75a20788f338789f49c11f9e8083dbf5e1cc0af5c0c3efbaa45bc50e833a13c24393
SSDEEP

12288:Xiaq1UMw0VcPDghnkvEo1scsAY7G8EHxhHH9oR/bN9GSW7Wir8b1IvO3izbp5Ze:SV2MpcPDy81s9ABTnWzNQ7PG1IvWizb4

Score

1^/10

Malware Config

Signatures

Files

8a08086990b8b3ab5ce013c324515e98
.exe windows:4 windows x86 arch:x86

f8b3eb52d6707e02eb3f5f4bb01411cd

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

01
Certificate

Issuer

CN=Thawte Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c177365727665722d6365727473407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c177365727665722d6365727473407468617774652e636f6d

1e:e6:f9
Certificate

Issuer

CN=Thawte Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c177365727665722d6365727473407468617774652e636f6d

Not Before

19/08/2003, 13:34

Not After

18/08/2005, 13:34

Subject

CN=Striata Communciation Solutions (Pty) Ltd.,OU=Striata,O=Striata Communciation Solutions (Pty) Ltd.,L=Johannesburg,ST=Gauteng,C=ZA

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
DeleteFileA
FreeResource
GetTempFileNameA
GetTempPathA
LockResource
GetLastError
CreateFileA
FindResourceA
FreeLibrary
GetProcAddress
CloseHandle
LoadLibraryA
ExitProcess
LoadResource
SizeofResource
GetSystemDirectoryA

setupapi

SetupDecompressOrCopyFileA
SetupPromptReboot
SetupInstallFileExA

user32

MessageBoxA
GetDesktopWindow

advapi32

RegOpenKeyExA
RegSetValueExA

Sections

.rdata
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 629KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f8b3eb52d6707e02eb3f5f4bb01411cd

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3Certificate

01Certificate

1e:e6:f9Certificate

Extended Key Usages

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9dCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

setupapi

user32

advapi32

Sections

.rdata Size: 1024B - Virtual size: 790B

.data Size: 2KB - Virtual size: 1KB

.rsrc Size: 629KB - Virtual size: 628KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

01
Certificate

1e:e6:f9
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

.rdata
Size: 1024B - Virtual size: 790B

.data
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 629KB - Virtual size: 628KB