8b2297383964d0ee9db96de10ba4fbef

Sharing

Copy URL Twitter E-mail

General

Target

8b2297383964d0ee9db96de10ba4fbef
Size

292KB
MD5

8b2297383964d0ee9db96de10ba4fbef
SHA1

c20f8920b5cd1ab04bd571409611e8890d5eb0f8
SHA256

24b3b45091e4b23ab1152196553c31fa11eff3f5054dda04b71d0926d6dc255a
SHA512

2968d2b9ce27e9b3f66a1a6d7de33caaad714ad3332bee0b52de90f91fe8e820cc81609b0f2a04441a09d16691297696c62e3bed4145313d760a2891d893641f
SSDEEP

6144:QXglvdqWLqOKn/B5RyaynzgvGq6JhW7cQgtm0DTs2:QXg/zLa/B5YzFH9tmK

Score

1^/10

Malware Config

Signatures

Files

8b2297383964d0ee9db96de10ba4fbef
.exe windows:4 windows x86 arch:x86

3049c6c8c61f31733f57afa91aa73f29

Code Sign

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4a
Certificate

Issuer

CN=36262356236

Not Before

10/02/2012, 10:35

Not After

31/12/2039, 23:59

Subject

CN=36262356236

Extended Key Usages

ExtKeyUsageCodeSigning

7f:9e:b9:18:d1:bc:16:30:37:13:2e:83:bf:19:0c:96:44:18:32:e9
Signer

Actual PE Digest

7f:9e:b9:18:d1:bc:16:30:37:13:2e:83:bf:19:0c:96:44:18:32:e9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetWindowsDirectoryA
LoadLibraryA
GetProcAddress
lstrlenA
lstrcpyA
CreateFileA

user32

SetLastErrorEx
MessageBoxA
ChangeMenuW
IsRectEmpty
DefMDIChildProcW
CloseClipboard
GetListBoxInfo
SetFocus
InsertMenuW
GetWindowTextA
IsCharAlphaA
GetThreadDesktop
GetMenuContextHelpId
GetDesktopWindow
DestroyMenu
GetClassNameW
GetTabbedTextExtentW
GetMessageTime
MessageBeep
LoadKeyboardLayoutW
SetProcessWindowStation
InSendMessageEx
RegisterWindowMessageA
IsChild
CopyRect
DestroyWindow
FindWindowExW
WinHelpW
GrayStringA
GetCaretPos
RegisterDeviceNotificationA
RealGetWindowClass
SendMessageA
GetMenuCheckMarkDimensions
CreateWindowExW
GetIconInfo
wvsprintfW
ValidateRect
InflateRect
LoadCursorFromFileA
DefFrameProcA
LoadKeyboardLayoutA
CopyIcon
DdeFreeDataHandle
OemToCharA
DialogBoxParamA
SetWindowWord
RemoveMenu
DdeGetLastError
GetMenu
CreateCaret
GetMessageA
GetDoubleClickTime
SendIMEMessageExW
CascadeChildWindows
GetKeyboardLayoutNameW
EndDeferWindowPos
SetCapture
ChangeDisplaySettingsW
DdeClientTransaction
wvsprintfA
GetTabbedTextExtentA
SetDeskWallpaper
UnionRect
GetWindowRect
GetSysColorBrush
IsDialogMessageA
BroadcastSystemMessage
TabbedTextOutW
CreateDialogParamA
DdeAccessData
RegisterClipboardFormatA
ScrollDC
CreateAcceleratorTableW
KillTimer
SendMessageTimeoutA
SetWindowsHookExA
ChangeDisplaySettingsExA
SetScrollInfo
OemKeyScan
HideCaret
EnumThreadWindows
MessageBoxIndirectA
DrawMenuBar
CreateDialogIndirectParamA
EnumWindowStationsA
DdeInitializeW
GetMouseMovePointsEx
ValidateRgn
GetWindowTextW
GetClassNameA
DestroyIcon
ClipCursor
GetWindowModuleFileName

comdlg32

ReplaceTextW
FindTextA
ChooseColorA
GetFileTitleW
GetSaveFileNameA
PrintDlgExW
PrintDlgExA
GetOpenFileNameA
GetSaveFileNameW
PrintDlgW
GetOpenFileNameW
PageSetupDlgA
ChooseColorW
CommDlgExtendedError
ChooseFontA
ReplaceTextA
FindTextW
PrintDlgA
ChooseFontW
GetFileTitleA
PageSetupDlgW

comctl32

ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
DrawStatusText
ord16
ord5
ImageList_Create
ImageList_Add
ImageList_SetBkColor
InitializeFlatSB
CreatePropertySheetPage
FlatSB_EnableScrollBar
ImageList_DragLeave
ord13
ImageList_BeginDrag
ImageList_DrawEx
ImageList_SetFilter
InitCommonControlsEx
GetMUILanguage
FlatSB_GetScrollProp
ImageList_GetImageInfo
FlatSB_GetScrollRange
ImageList_AddIcon
ord3
ImageList_GetBkColor
ImageList_DragMove
ImageList_SetImageCount
ImageList_SetOverlayImage
InitMUILanguage
ImageList_Copy
ImageList_LoadImageA
CreatePropertySheetPageA
ImageList_Replace
CreateToolbarEx
ImageList_SetIconSize
ImageList_GetDragImage
ImageList_DragEnter
ImageList_LoadImage
ImageList_Write
ord8
FlatSB_SetScrollRange
FlatSB_GetScrollInfo
CreatePropertySheetPageW
ImageList_DrawIndirect
ord4
PropertySheetW
ImageList_Duplicate
ImageList_GetImageRect
FlatSB_SetScrollInfo
ImageList_AddMasked
DrawStatusTextW
ImageList_Destroy

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textF1
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.texth
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3049c6c8c61f31733f57afa91aa73f29

Code Sign

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4aCertificate

Extended Key Usages

7f:9e:b9:18:d1:bc:16:30:37:13:2e:83:bf:19:0c:96:44:18:32:e9Signer

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

comctl32

Sections

.text Size: 3KB - Virtual size: 3KB

.textF Size: 1024B - Virtual size: 1000B

.textF1 Size: 273KB - Virtual size: 273KB

.texth Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

55:58:79:8b:5b:cd:39:61:b0:28:04:21:04:86:2e:4a
Certificate

7f:9e:b9:18:d1:bc:16:30:37:13:2e:83:bf:19:0c:96:44:18:32:e9
Signer

.text
Size: 3KB - Virtual size: 3KB

.textF
Size: 1024B - Virtual size: 1000B

.textF1
Size: 273KB - Virtual size: 273KB

.texth
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB