8efb655c41fc4ef6ace03824b2679170

Sharing

Copy URL Twitter E-mail

General

Target

8efb655c41fc4ef6ace03824b2679170
Size

284KB
MD5

8efb655c41fc4ef6ace03824b2679170
SHA1

6ba131487f5ac9f4d363b3f2abc85a22f3b83dc3
SHA256

c61b3abe9547b5e8a166a7177e447016256f3db973383aaa801532ef19e9fb32
SHA512

dbf887dae4dc642c9a0e83b0570dfed5cb72372169c349cf451df479449b58c31a61d113719facab918c3d67f46c9a6eda3d2a2cfc90b3099e65ff22cbf7f538
SSDEEP

6144:JXuNinWXl11JML6uim2TF4FZCJ98YeCjlAX:J+081TTbm2qFsJ98YxQ

Score

1^/10

Malware Config

Signatures

Files

8efb655c41fc4ef6ace03824b2679170
.exe windows:4 windows x86 arch:x86

25e1e2b199f893e9f5d56f0838a9d85f

Code Sign

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

01:26:7c:2c:61:d7:20:7e:75:d3:7d:02:72:b2:a1:3b
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

15/08/2008, 00:00

Not After

14/08/2009, 23:59

Subject

CN=The Monolit Center Ltd. Co,OU=SECURE APPLICATION DEVELOPMENT,O=The Monolit Center Ltd. Co,L=s. Bogdanivci,ST=Hmel'nickyi region,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FreeLibrary
GetProcAddress
GetProcessHeap
HeapAlloc
GetModuleHandleW
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualFree
VirtualProtect
FindNextChangeNotification
GetLocalTime
ResumeThread
FindNextFileW
ResetEvent
WaitForSingleObject
SetCurrentDirectoryW
SetFilePointer
GetVersion
GlobalDeleteAtom
SetEvent
VirtualAlloc
FindFirstFileW
GetFileAttributesExW
TerminateThread
GetUserDefaultLangID
GetTickCount
CreateWaitableTimerW
HeapFree
lstrlenW

user32

CreateWindowExW
RedrawWindow
DestroyIcon
GetMessageW
PostMessageW
LoadStringW
IsDlgButtonChecked
UpdateWindow
TranslateMessage
GetClassNameW
ReleaseDC
OffsetRect

gdi32

CreatePen
DPtoLP
GetMapMode
CreateBitmap
CreateRoundRectRgn
SetDIBits
CreateDCW
GetClipBox
CreateICW
DeleteDC
GetDeviceCaps
GetStockObject
SetTextColor

advapi32

LookupAccountSidW
RegNotifyChangeKeyValue
RegQueryValueExW
StartServiceW
RegDeleteValueW

shell32

SHChangeNotify

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25e1e2b199f893e9f5d56f0838a9d85f

Code Sign

0aCertificate

Extended Key Usages

Key Usages

01Certificate

01:26:7c:2c:61:d7:20:7e:75:d3:7d:02:72:b2:a1:3bCertificate

Extended Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 244KB - Virtual size: 241KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 18KB

.rsrc Size: 8KB - Virtual size: 6KB

0a
Certificate

01
Certificate

01:26:7c:2c:61:d7:20:7e:75:d3:7d:02:72:b2:a1:3b
Certificate

.text
Size: 244KB - Virtual size: 241KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 18KB

.rsrc
Size: 8KB - Virtual size: 6KB