VirusShare_c5029415a5c6ad96cd7295a9bcfd4f7c

Sharing

Copy URL

Twitter E-mail

General

Target

VirusShare_c5029415a5c6ad96cd7295a9bcfd4f7c
Size

278KB
MD5

c5029415a5c6ad96cd7295a9bcfd4f7c
SHA1

bf884ce8eded30fa426e1dcb9a92012fd97a7baa
SHA256

76a6f986a4833d94e82216f01d3de03ff835e24f32547e4922ed4be0671e6cd0
SHA512

560ac5481d446ddd83de885335afdbe4133b0b53dad58ee1b60f6206e9ca091d360e8054f675070c65a8f415028071b0cb1cca29c9b54fecf7c020cc35960fc3
SSDEEP

6144:ve4b1G6rzysDrwsSSYgkrD77q3UwQi7oQCAEzob3:veoATkrwsSSYjn77OUZi7JCTob

Score

1^/10

Malware Config

Signatures

Files

VirusShare_c5029415a5c6ad96cd7295a9bcfd4f7c
.exe windows:4 windows x86 arch:x86

8d9b13c8956c5fb5dadb8f786d270d8f

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

Issuer

CN=SDOkUGUnMWwv

Not Before

15-03-2012 10:39

Not After

31-12-2039 23:59

Subject

CN=SDOkUGUnMWwv

Extended Key Usages

ExtKeyUsageCodeSigning

b1:4d:2c:96:72:1d:f1:d8:d5:8e:57:cd:06:36:af:e7:6d:fb:ca:8f
Signer

Actual PE Digest

b1:4d:2c:96:72:1d:f1:d8:d5:8e:57:cd:06:36:af:e7:6d:fb:ca:8f

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
LoadLibraryW
CreateFileA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
SetEnvironmentVariableA
WaitNamedPipeA
DeleteFileW
GetLongPathNameA
OpenFileMappingA
GetNumberFormatA
SetComputerNameExA
LoadLibraryA
RaiseException
SetConsoleCtrlHandler
GetCommProperties
SetCalendarInfoW
GetStartupInfoA
CreateWaitableTimerW
CreateIoCompletionPort
FindNextVolumeW
GetConsoleScreenBufferInfo
SetLocaleInfoW
GetThreadLocale
CreateDirectoryExW
SearchPathA
GetLongPathNameW
BindIoCompletionCallback
DeleteTimerQueueTimer
GetConsoleAliasExesW
GetComputerNameExW
GetProcessHeaps
GetCommConfig
PulseEvent
Thread32First
Heap32ListNext
ReadProcessMemory
GetProcessVersion
QueryDosDeviceA
ClearCommError
ExpandEnvironmentStringsA
_lclose
EnumCalendarInfoExA
lstrcmpA
AddConsoleAliasA
TerminateProcess
GetLocaleInfoA
VirtualFreeEx
GetTempPathW
SetErrorMode
OpenEventA
Heap32ListFirst
GetFileSizeEx
FatalAppExitW
CreateConsoleScreenBuffer
GetSystemDirectoryA
InitializeCriticalSection
ReadConsoleOutputCharacterW
FatalAppExitA
OpenFileMappingW
GenerateConsoleCtrlEvent
SetMailslotInfo
GetModuleFileNameA
GetProfileStringA
VerifyVersionInfoW
GetPrivateProfileIntW
GetProcessAffinityMask
MapViewOfFile
FormatMessageW
ExitProcess
CopyFileW
Toolhelp32ReadProcessMemory
lstrcpyW
GlobalMemoryStatus
WriteConsoleOutputW
EnumTimeFormatsA
VirtualUnlock
GetTickCount
GetWriteWatch
FindFirstVolumeW
GetConsoleAliasW
GetTempFileNameA
FindVolumeMountPointClose
TransmitCommChar
FreeEnvironmentStringsA
GetProcessShutdownParameters
WaitCommEvent
GetDateFormatA
CreateSemaphoreA
GetSystemWindowsDirectoryA
WriteConsoleOutputAttribute
WriteFileEx
SearchPathW
SetFileApisToOEM
LoadLibraryExA
WaitForMultipleObjectsEx
SetStdHandle
ReadConsoleW
FileTimeToSystemTime
BeginUpdateResourceW
FindClose

user32

SetDebugErrorLevel
GetWindowPlacement
AdjustWindowRect
DrawTextA
GetMenuInfo
IMPQueryIMEA
CreateMenu
InvalidateRect
GetForegroundWindow
SetSysColors
SwapMouseButton
DestroyCaret
EmptyClipboard
SetPropW
GetClassInfoExW
CallMsgFilterW
DialogBoxParamA
DrawTextExW
TrackPopupMenu
BeginPaint
IsDialogMessageA
LoadCursorFromFileA
ShowOwnedPopups
DialogBoxIndirectParamW
GetAltTabInfoW
MenuItemFromPoint
WINNLSGetEnableStatus
ImpersonateDdeClientWindow
MessageBoxA
CreateMDIWindowW
OemToCharW
LoadCursorW
TrackMouseEvent
DialogBoxParamW
CascadeWindows
IsCharLowerW
DefFrameProcA
GetNextDlgTabItem
DdeSetQualityOfService
EnumDisplaySettingsExA
GetInputState
SetDlgItemTextA
InvalidateRgn
DefWindowProcA
InSendMessageEx
GetScrollPos
CharNextW
PostQuitMessage
SetMenuItemInfoW
SetMessageQueue
DdeDisconnectList
MapDialogRect
GetMenuItemInfoW
GetCursorPos
ExcludeUpdateRgn
SetLayeredWindowAttributes
DdeCreateDataHandle
MessageBoxIndirectA
UpdateWindow
CharNextExA
SetRectEmpty
SubtractRect
ScrollWindow
CreateWindowStationA
GrayStringA
EnumWindows
FindWindowExA
UpdateLayeredWindow
ModifyMenuW
EndTask
NotifyWinEvent
ReuseDDElParam
GetUpdateRect
PeekMessageW
MessageBoxIndirectW
SetActiveWindow
IsWindowEnabled
PostThreadMessageW
WINNLSGetIMEHotkey
CopyAcceleratorTableA
MapVirtualKeyExA
OpenClipboard
PostThreadMessageA
SetShellWindow
IsClipboardFormatAvailable
DrawFrame
RemovePropA
GetWindow
GetKeyState

comdlg32

GetFileTitleW
ChooseFontW
PageSetupDlgA
ChooseColorA
ChooseColorW
PageSetupDlgW
FindTextA
GetSaveFileNameA
GetSaveFileNameW
PrintDlgA
PrintDlgExA
PrintDlgW
GetOpenFileNameW
GetOpenFileNameA
ReplaceTextW
FindTextW
ReplaceTextA
PrintDlgExW
CommDlgExtendedError
GetFileTitleA
ChooseFontA

advapi32

RegOpenKeyExW

shell32

Shell_NotifyIconA
SHBrowseForFolderA
SHFreeNameMappings
SHGetFolderPathA
SHGetMalloc
SHQueryRecycleBinA
ExtractIconEx
ShellAboutW
SHQueryRecycleBinW
ShellExecuteW
FindExecutableA
SHGetInstanceExplorer
ShellExecuteA
SHGetFileInfoA
DragQueryFileW
SHPathPrepareForWriteA
ExtractIconA
ShellHookProc
SHInvokePrinterCommandA
SHGetSettings
SHGetDiskFreeSpaceExW
ShellExecuteEx
SHGetDiskFreeSpaceExA
SHCreateDirectoryExW
DragQueryPoint
DragQueryFileAorW
ShellExecuteExA
SHGetDiskFreeSpaceA
SHGetPathFromIDList
SHIsFileAvailableOffline
CheckEscapesW
SHGetPathFromIDListW
WOWShellExecute
ExtractIconExA
FindExecutableW
SHFileOperationA
SHEmptyRecycleBinA
SHFileOperation
SHGetFolderPathW
DragQueryFile
SHGetIconOverlayIndexW
DuplicateIcon
ExtractAssociatedIconA
SHBrowseForFolder
SHGetSpecialFolderPathW
DoEnvironmentSubstA
ShellAboutA
DoEnvironmentSubstW
SHEmptyRecycleBinW
ExtractAssociatedIconExW
DragFinish
SHLoadInProc
ShellExecuteExW
SHPathPrepareForWriteW
ExtractAssociatedIconW
SHGetSpecialFolderPathA

shlwapi

StrRStrIW
StrRChrW
StrRChrIW
StrRStrIA
StrStrIW
StrRChrA
StrChrW
StrStrA
StrCmpNIA
StrRChrIA
StrChrA
StrChrIW

comctl32

FlatSB_EnableScrollBar
FlatSB_GetScrollPos
ImageList_Read
ImageList_Write
PropertySheet
ImageList_Create
CreateToolbarEx
ImageList_AddIcon
ImageList_AddMasked
ord3
ord16
ImageList_ReplaceIcon
ImageList_LoadImageA
GetMUILanguage
FlatSB_GetScrollProp
FlatSB_SetScrollPos
ImageList_SetDragCursorImage
ImageList_GetImageCount
FlatSB_SetScrollInfo
ord14
FlatSB_GetScrollInfo
ord6
ImageList_GetBkColor
ImageList_DragLeave
ord2
FlatSB_SetScrollProp
ImageList_DrawIndirect
ImageList_Add
InitMUILanguage
ImageList_Merge
ImageList_DrawEx
CreatePropertySheetPage
ImageList_LoadImage
PropertySheetA
ImageList_GetImageInfo
ImageList_DragMove
ImageList_DragShowNolock
ImageList_GetImageRect
ImageList_SetBkColor
ImageList_GetDragImage
CreatePropertySheetPageA
ImageList_SetOverlayImage
ord8
ImageList_GetIcon
ImageList_BeginDrag
ImageList_Remove
ImageList_EndDrag
DrawStatusText
ImageList_Draw
CreatePropertySheetPageW
FlatSB_ShowScrollBar
ImageList_LoadImageW
ord17
ImageList_Replace
ImageList_DragEnter
ImageList_SetImageCount
CreateStatusWindow

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

d3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

d2
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d9b13c8956c5fb5dadb8f786d270d8f

Code Sign

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6aCertificate

Extended Key Usages

b1:4d:2c:96:72:1d:f1:d8:d5:8e:57:cd:06:36:af:e7:6d:fb:ca:8fSigner

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

shell32

shlwapi

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

d3 Size: 1024B - Virtual size: 1000B

d2 Size: 258KB - Virtual size: 257KB

.data Size: 9KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

18:05:63:bd:39:7c:e9:84:4e:45:32:64:33:d8:14:6a
Certificate

b1:4d:2c:96:72:1d:f1:d8:d5:8e:57:cd:06:36:af:e7:6d:fb:ca:8f
Signer

.text
Size: 4KB - Virtual size: 3KB

d3
Size: 1024B - Virtual size: 1000B

d2
Size: 258KB - Virtual size: 257KB

.data
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB