VirusShare_4878f378159ec1311c9d2ccf9b6c4fcb

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_4878f378159ec1311c9d2ccf9b6c4fcb
Size

44KB
MD5

4878f378159ec1311c9d2ccf9b6c4fcb
SHA1

a6b36d4aaf4aa40f4b61815405fa26bf9acfc429
SHA256

37b69c38b01c6ae16ef39e09586f57fc91af5323c87e78b2593f5b63d121bedc
SHA512

c2b8af91fd9de2dbdcd069ad7a3bf1848ad1a58ec5fc076d8bcc7a9b096ed0d9b9edc210d90d35fc9ebfb8a359b6c3a3bb0c1b1e4843173068e9ec42fffc2c92
SSDEEP

768:jUn9FnHtvgXT30XpU6URhEViMNd09hJD0Z2phpKpSpav4CkDrN:jkHJg4ZPCEQD0dvqN

Score

1^/10

Malware Config

Signatures

Files

VirusShare_4878f378159ec1311c9d2ccf9b6c4fcb
.exe windows:4 windows x86 arch:x86

9e3d3af2f967f7aeb7c32c76105af63d

Code Sign

48:a8:43:d4:ca:72:fa:88:4a:e0:47:5b:2b:d2:d3:42
Certificate

Issuer

CN=rzvsqzsjsrmx4sl5pxp5zwk8mzotsrkwj6yntx59o4v5hlopyvrqx6rzoornilqoxk9rjyqjzphjuwv7yt49wy69h8t47j9qoinxjo4758iqnprsui7xyj8v8nivuxz7nrtp55nzv5o8sz6kokn9rzztsh6z7lh7um6o9q4k8suw5hx8i8vjykixiqz8sx6tl4v7x67szwz4rklhz74v6voh84yo8995hzliq88pyp9r55ruk46ywitxp7hsw5z969mlkizmt9w76ukvhvhijtswpw9yitllqwsomr6ywj9m7xyrhvu97tu87ojzon9wmj67rhvpvwy8xnhnzr8l8r449ri54isw6mr96zy6yzuink5qw979vs6oq5x4pxwqz7rjii55m5okmhri9pmlvwlw5u58lvimksmriri9qyjnuo4wk86ljwz979zl9lluotqtl6nhmpkktkurou75z8mwl5y7zt5wq6vtmq9zzi477v86tjxvr974i8jh9sy8qwylqwp74qul6qhpz7upv4558xuhtyi7onyxljkpmmio9jop8tlyhlviiq46xw497s54yi76yyl9nijp7ynv77t5t7zjiutyikozouxr6n8t9pn5oxzu6ottrot44qstpwyr5qn5muryh6qo4zwy7xnvz8mtp8tiprvkrljjkw87uoys7xlxr88tprpqx5n6vq444polix9hkkj5hpytn8uyhxpi9p6wrunz69wjjojs5vjhuh59ylvzr59yhwm7jpi9ljr7sojl9w74xojnnhpmlqih8v6s6rt8tq4vm47wsjpzu6sjjvyw5juom8895z9wjqsonlw6sw8yn76zwzlwy9xn4kom8tiwxqzlskrpwt6pzzt9xn96kqyn9rr8lns7mrzrwvzm977u69wltthhp7kku5s9pzjkmqjjqzjj8zvirxyk44z4tpvlwmmkkh9qu7lvpmnhry94i6qpxjp8v75q4jlpmtpqsr8h8yh4xp8wqlrwtnwlui5k88rsk4tnyijyxpssn66s7p4so6kqmsxqs6zroz94o77hyry5qp6m9qt6nn8pqjvxk5umixsk4wqnoyilqwx99y6plx77xp98lt75y8zlh5j6w9jnmnzxh5n8i7rhx ys5jrworq5kq ys5jrworq5kq

Not Before

03/12/2012, 15:08

Not After

31/12/2039, 23:59

Subject

CN=rzvsqzsjsrmx4sl5pxp5zwk8mzotsrkwj6yntx59o4v5hlopyvrqx6rzoornilqoxk9rjyqjzphjuwv7yt49wy69h8t47j9qoinxjo4758iqnprsui7xyj8v8nivuxz7nrtp55nzv5o8sz6kokn9rzztsh6z7lh7um6o9q4k8suw5hx8i8vjykixiqz8sx6tl4v7x67szwz4rklhz74v6voh84yo8995hzliq88pyp9r55ruk46ywitxp7hsw5z969mlkizmt9w76ukvhvhijtswpw9yitllqwsomr6ywj9m7xyrhvu97tu87ojzon9wmj67rhvpvwy8xnhnzr8l8r449ri54isw6mr96zy6yzuink5qw979vs6oq5x4pxwqz7rjii55m5okmhri9pmlvwlw5u58lvimksmriri9qyjnuo4wk86ljwz979zl9lluotqtl6nhmpkktkurou75z8mwl5y7zt5wq6vtmq9zzi477v86tjxvr974i8jh9sy8qwylqwp74qul6qhpz7upv4558xuhtyi7onyxljkpmmio9jop8tlyhlviiq46xw497s54yi76yyl9nijp7ynv77t5t7zjiutyikozouxr6n8t9pn5oxzu6ottrot44qstpwyr5qn5muryh6qo4zwy7xnvz8mtp8tiprvkrljjkw87uoys7xlxr88tprpqx5n6vq444polix9hkkj5hpytn8uyhxpi9p6wrunz69wjjojs5vjhuh59ylvzr59yhwm7jpi9ljr7sojl9w74xojnnhpmlqih8v6s6rt8tq4vm47wsjpzu6sjjvyw5juom8895z9wjqsonlw6sw8yn76zwzlwy9xn4kom8tiwxqzlskrpwt6pzzt9xn96kqyn9rr8lns7mrzrwvzm977u69wltthhp7kku5s9pzjkmqjjqzjj8zvirxyk44z4tpvlwmmkkh9qu7lvpmnhry94i6qpxjp8v75q4jlpmtpqsr8h8yh4xp8wqlrwtnwlui5k88rsk4tnyijyxpssn66s7p4so6kqmsxqs6zroz94o77hyry5qp6m9qt6nn8pqjvxk5umixsk4wqnoyilqwx99y6plx77xp98lt75y8zlh5j6w9jnmnzxh5n8i7rhx ys5jrworq5kq ys5jrworq5kq

Extended Key Usages

ExtKeyUsageCodeSigning

b5:71:1c:e8:d3:d5:dc:41:9c:53:20:f8:80:91:44:4a:c9:75:f2:d6
Signer

Actual PE Digest

b5:71:1c:e8:d3:d5:dc:41:9c:53:20:f8:80:91:44:4a:c9:75:f2:d6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
ReadFile
GetCommandLineW
CreateFileW
LoadLibraryW
GetProcAddress
GetVersionExA
UnhandledExceptionFilter
CloseHandle
ReleaseMutex
GetFileAttributesA
GetLastError
FreeLibrary
LoadLibraryA
lstrlenW
WaitForSingleObject
CreateMutexA
ExitProcess
GetModuleHandleA
GetStartupInfoA
SetErrorMode
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
lstrcpynA
SetUnhandledExceptionFilter
lstrlenA
GetEnvironmentVariableA
GetModuleFileNameA
lstrcpyW
SetCurrentDirectoryW
GetFullPathNameW
HeapFree
HeapAlloc
GetProcessHeap
lstrcatW
GetSystemDirectoryW
GetFileAttributesW
GetSystemInfo
GetVersionExW
GetCurrentDirectoryW
lstrcmpW
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExW
GetDateFormatW
CompareStringW
CompareFileTime
SystemTimeToFileTime
DeleteFileW
LocalFree
FormatMessageW
WriteFile
GetTimeFormatW
GetFileSize
SetEndOfFile
SetFilePointer
MulDiv
CreateThread
FlushFileBuffers
FindClose
FindNextFileW
GetShortPathNameW
FindFirstFileW

user32

GetWindowThreadProcessId
SetForegroundWindow
SendMessageTimeoutA
LoadStringA
MessageBoxA
SetFocus
CreateWindowExW
MoveWindow
GetClientRect
GetWindowRect
wsprintfW
GetDlgItem
EndDialog
DestroyWindow
SetWindowLongW
EndPaint
GetSysColor
GetParent
BeginPaint
GetWindowLongW
DefWindowProcW
RegisterClassW
LoadCursorW
LoadStringW
MessageBoxW
PostMessageW
ShowWindow
WinHelpW
ChildWindowFromPoint
ScreenToClient
DestroyIcon
DialogBoxParamW
LoadIconW
FindWindowW
CharUpperBuffW
CharLowerBuffW
IsDlgButtonChecked
GetDlgItemTextW
CheckRadioButton
InvalidateRect
SetDlgItemTextW
EnableWindow
SendMessageW
SetClassLongW
CheckDlgButton

gdi32

GetStockObject
SetTextAlign
SelectObject
SetTextColor
SetBkColor
GetTextExtentPoint32W
ExtTextOutW

msvcrt

memcpy
_vsnprintf
_XcptFilter
_exit
_cexit
wcsstr
_wcsnicmp
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_c_exit
_wcsicmp
wcschr

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegCloseKey
RegQueryValueExA

shell32

SHGetFileInfoW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteW

shlwapi

SHGetValueA
StrCmpIW
SHSetValueA
StrStrIA
PathRemoveFileSpecA

comctl32

PropertySheetW
CreateStatusWindowW

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e3d3af2f967f7aeb7c32c76105af63d

Code Sign

48:a8:43:d4:ca:72:fa:88:4a:e0:47:5b:2b:d2:d3:42Certificate

Extended Key Usages

b5:71:1c:e8:d3:d5:dc:41:9c:53:20:f8:80:91:44:4a:c9:75:f2:d6Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

advapi32

shell32

shlwapi

comctl32

Sections

.text Size: 22KB - Virtual size: 21KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 820B

48:a8:43:d4:ca:72:fa:88:4a:e0:47:5b:2b:d2:d3:42
Certificate

b5:71:1c:e8:d3:d5:dc:41:9c:53:20:f8:80:91:44:4a:c9:75:f2:d6
Signer

.text
Size: 22KB - Virtual size: 21KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 820B