8e445fdc624f556e5ad55b46546f063a

Sharing

Copy URL Twitter E-mail

General

Target

8e445fdc624f556e5ad55b46546f063a
Size

434KB
MD5

8e445fdc624f556e5ad55b46546f063a
SHA1

b2d71a7cb75325557c18a111fc77e7bc4fe82b46
SHA256

b578fbe0f87e2f81b39c032b418bf29cc7717d355d929a7cce5fafd618d7f8c9
SHA512

86443aba95c2cbd3d8fae0faff28e69ff50b39219bf35c6e54be59b3f7d7beb907c06ea3977c5ec60396974336a071ea91b64784ba416b49e40d67640ac5863b
SSDEEP

6144:5C5LBHhrBD1vN96J3Cx13w/QrGQL0EiY2BLzyMLwsVuGdp8WS5SuMpQeimfKX2:cNBr3jvxcgL/MLwaJj8WHVBir2

Score

1^/10

Malware Config

Signatures

Files

8e445fdc624f556e5ad55b46546f063a
.exe windows:4 windows x86 arch:x86

931441030860a7046e10a4aab2b8acff

Code Sign

45:91:d6:e2:fc:f1:d8:ac:40:d1:95:c2:14:5e:b2:b2
Certificate

Issuer

CN=xcarpzekbxs

Not Before

23/01/2012, 14:26

Not After

31/12/2039, 23:59

Subject

CN=Kiretj

87:51:35:58:14:0b:28:52:b6:a3:ff:54:14:78:57:c9:2e:c6:fb:4c
Signer

Actual PE Digest

87:51:35:58:14:0b:28:52:b6:a3:ff:54:14:78:57:c9:2e:c6:fb:4c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreatePropSetStg
SetConvertStg
CreatePointerMoniker
OleCreateLink
OleSave
CoSuspendClassObjects
FmtIdToPropStgName
OleCreateLinkToFileEx
RevokeDragDrop
ReleaseStgMedium
OleCreateDefaultHandler
StgCreateStorageEx
CoBuildVersion
PropStgNameToFmtId
CoRegisterMessageFilter
CreateBindCtx

kernel32

EnterCriticalSection
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
HeapReAlloc
GetOEMCP
GetACP
GetCPInfo
HeapAlloc
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
IsBadReadPtr
GetTimeFormatA
ResetEvent
HeapDestroy
VirtualAlloc
FoldStringA
GetDateFormatA
PulseEvent
MultiByteToWideChar
GlobalFree
InitializeCriticalSection
GetStartupInfoA
GetModuleHandleA
GetProcAddress
GetLastError
MoveFileA
DeleteFileA
ReadFile
GetCommandLineA
GetVersion
ExitProcess
LeaveCriticalSection
GetStringTypeW
GetFileType
SetHandleCount
GetStdHandle
SetFilePointer
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 404KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

931441030860a7046e10a4aab2b8acff

Code Sign

45:91:d6:e2:fc:f1:d8:ac:40:d1:95:c2:14:5e:b2:b2Certificate

87:51:35:58:14:0b:28:52:b6:a3:ff:54:14:78:57:c9:2e:c6:fb:4cSigner

Headers

File Characteristics

Imports

ole32

kernel32

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 404KB - Virtual size: 403KB

.data Size: 3KB - Virtual size: 86KB

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 3KB - Virtual size: 2KB

45:91:d6:e2:fc:f1:d8:ac:40:d1:95:c2:14:5e:b2:b2
Certificate

87:51:35:58:14:0b:28:52:b6:a3:ff:54:14:78:57:c9:2e:c6:fb:4c
Signer

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 404KB - Virtual size: 403KB

.data
Size: 3KB - Virtual size: 86KB

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 3KB - Virtual size: 2KB