98ace3d18e218b70b6360efb011ac63f

Sharing

Copy URL

Twitter E-mail

General

Target

98ace3d18e218b70b6360efb011ac63f
Size

293KB
MD5

98ace3d18e218b70b6360efb011ac63f
SHA1

db59a89b27d527f8ac2ac323a3113658793aa4fa
SHA256

e3db52c5a5bd87e91f5a7a929c0d4619bb414715a2a99b869473f6034ae63b90
SHA512

fc1fe348e3c18fd7e77358ff617d8e92a403e41c5929a2b3a7d4c238799fc0dfd36f7089f4df72bbc17908ae5d7bdcfc927876b43f5207eb732e476d87e1b65c
SSDEEP

6144:zPdMdMANEVzGlcEDUl4qaRYVQ/JTGbusJRhgnGXczD7Xm2BeddhMHisjQ:8NEh8cSLqd0sisDhgnGcBBedDMCss

Score

1^/10

Malware Config

Signatures

Files

98ace3d18e218b70b6360efb011ac63f
.exe windows:4 windows x86 arch:x86

001acfa1c7ef8aa1a8bdc2548f818da7

Code Sign

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77
Certificate

Issuer

CN=ggggggggg

Not Before

17-01-2012 12:30

Not After

31-12-2039 23:59

Subject

CN=ggggggggg

Extended Key Usages

ExtKeyUsageCodeSigning

20:ca:bc:8f:e5:6a:22:da:01:28:82:1d:47:09:cd:7e:3e:3b:09:27
Signer

Actual PE Digest

20:ca:bc:8f:e5:6a:22:da:01:28:82:1d:47:09:cd:7e:3e:3b:09:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
SetThreadLocale
GetDateFormatW
GlobalMemoryStatus
SetThreadPriorityBoost
SetTapePosition
LocalLock
lstrcmpi
GenerateConsoleCtrlEvent
FreeConsole
MoveFileWithProgressA
GetVersionExA
SetConsoleActiveScreenBuffer
BindIoCompletionCallback
ChangeTimerQueueTimer
GetFileSize
IsDebuggerPresent
SetFileAttributesA
GetQueuedCompletionStatus
GetExitCodeThread
MoveFileWithProgressW
HeapUnlock
GetCommState
ReadConsoleOutputA
GetConsoleTitleW
GetProcessHeap
WaitCommEvent
LocalSize
GlobalFindAtomW
GlobalFlags
OpenProcess
GetVersionExW
OpenFileMappingW
GetProcAddress
FormatMessageA
HeapWalk
GetFileAttributesA
SetMailslotInfo
EndUpdateResourceA
lstrcpyW
PurgeComm
EnumResourceNamesW
GlobalAddAtomA
GetACP
SetDefaultCommConfigA
VerSetConditionMask
CompareStringW
GetPrivateProfileSectionNamesA
Thread32First
GetLocaleInfoA
GlobalGetAtomNameA
QueryDosDeviceW
HeapLock
SetEndOfFile
GetProcessShutdownParameters
IsBadStringPtrA
FindFirstVolumeW
LoadLibraryExA
GetFileAttributesExA
QueryPerformanceCounter
SetEnvironmentVariableW
GetCommandLineA
EnumDateFormatsExA
CancelWaitableTimer
WriteProfileStringA
RtlUnwind
GetCPInfo
lstrcpy
GetLastError
GetStartupInfoA
VirtualLock
GetVolumePathNameA
CreateTimerQueueTimer
HeapSize
SetConsoleMode
_lwrite
HeapAlloc
OpenWaitableTimerA
CreateSemaphoreW
FillConsoleOutputCharacterW
CreateNamedPipeW
CommConfigDialogA
GetCompressedFileSizeW
SetCommMask
ScrollConsoleScreenBufferA
CreateMutexA
CreateRemoteThread
IsBadReadPtr
FindNextVolumeA
InterlockedIncrement
GetThreadSelectorEntry
WideCharToMultiByte
FreeEnvironmentStringsA
VirtualAlloc
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
GetModuleHandleA

user32

GetCaretPos
GetClipCursor
SetPropW
InvalidateRect
UnregisterDeviceNotification
GetDesktopWindow
DestroyWindow
FrameRect
PostMessageA
DdeUninitialize
SetUserObjectInformationW
CreateAcceleratorTableA
GetMenuStringA
CountClipboardFormats
CloseWindowStation
RealGetWindowClassW
CharToOemBuffA
GetWindowDC
RegisterDeviceNotificationW
CharLowerA
GetClassWord
GetAsyncKeyState
SendInput
SetLayeredWindowAttributes
LookupIconIdFromDirectoryEx
IsDlgButtonChecked
AppendMenuW
ChangeMenuW
OemKeyScan
FillRect
OemToCharBuffA
SetProcessDefaultLayout
SetKeyboardState
GetAltTabInfo
RegisterWindowMessageW
EnumThreadWindows
RegisterClassExA
GetWindowModuleFileName
GetKeyboardLayout
DrawTextW
CreatePopupMenu
SendDlgItemMessageA
ChildWindowFromPointEx
SetMessageQueue
DdeSetUserHandle
SetCursor
GetClipboardFormatNameA
ScrollWindowEx
OemToCharW
SetDoubleClickTime
DrawFrame
IsWindowVisible
ChangeDisplaySettingsA
GetDlgItemInt
GetKeyboardLayoutList
LoadAcceleratorsA
CharToOemW
UpdateWindow
GetIconInfo
SetLastErrorEx
RegisterClassA
IMPSetIMEA
ModifyMenuW
GetListBoxInfo
RegisterClipboardFormatW
SetDlgItemTextW
SetWindowLongA
EnumChildWindows
IsIconic
GetMenuItemCount
ValidateRect
CreateIcon
IsRectEmpty
GetKeyboardLayoutNameA
GetWindow
MsgWaitForMultipleObjects
CreateDialogParamW
GetPropA
GetDCEx
GetDC
IsWindow
CloseWindow
GetDlgItem
CharPrevExA
GetPropW
GetShellWindow
IsDialogMessageA
LoadIconA

advapi32

RegOpenKeyExW

ole32

HMETAFILEPICT_UserFree
HICON_UserUnmarshal
CoGetPSClsid
CoRevertToSelf
WdtpInterfacePointer_UserFree
SetConvertStg
CoGetMalloc
OleSaveToStream
CLSIDFromString
StgOpenStorageOnILockBytes
CoUninitialize
CoMarshalHresult
CoGetInterfaceAndReleaseStream
UtGetDvtd32Info
CoRegisterPSClsid
OleCreateFromDataEx
CoDisableCallCancellation
OleCreateFromFileEx
MkParseDisplayName
CreateStdProgressIndicator
OleConvertIStorageToOLESTREAMEx
OleCreateEmbeddingHelper
HMETAFILE_UserSize
HBITMAP_UserMarshal
OleQueryLinkFromData
PropStgNameToFmtId
GetClassFile
OleLoad
FreePropVariantArray
GetConvertStg
HWND_UserUnmarshal
CoGetStdMarshalEx
OleSetMenuDescriptor
CoGetInstanceFromIStorage
WriteOleStg
HENHMETAFILE_UserFree
CoGetCurrentProcess
HMETAFILE_UserFree
OleRegEnumFormatEtc
HENHMETAFILE_UserMarshal
OleRegGetUserType
OleLoadFromStream
ProgIDFromCLSID
HkOleRegisterObject
UtConvertDvtd16toDvtd32
CoGetInstanceFromFile
WriteClassStg
CoLoadLibrary
CoAddRefServerProcess
CoQueryProxyBlanket
ReadClassStg
CoRevokeMallocSpy
HBRUSH_UserFree
CoGetCallerTID
CoGetMarshalSizeMax
HMETAFILEPICT_UserUnmarshal
CoAllowSetForegroundWindow
CoTaskMemFree
CoQueryClientBlanket
OleCreateDefaultHandler
HGLOBAL_UserSize
CoBuildVersion
CoCancelCall
HICON_UserSize
StgCreateDocfile
CoSuspendClassObjects
EnableHookObject
OleDraw
OleConvertOLESTREAMToIStorageEx
MonikerCommonPrefixWith
OleSetContainedObject
CLIPFORMAT_UserSize
HGLOBAL_UserFree
SNB_UserFree
CoRegisterSurrogate
HPALETTE_UserSize
CoReleaseMarshalData
OleNoteObjectVisible
CoTaskMemRealloc
CoTreatAsClass
StgCreatePropStg
OleDoAutoConvert
OleTranslateAccelerator
SetDocumentBitStg
CoGetObjectContext

Sections

.text
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

001acfa1c7ef8aa1a8bdc2548f818da7

Code Sign

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77Certificate

Extended Key Usages

20:ca:bc:8f:e5:6a:22:da:01:28:82:1d:47:09:cd:7e:3e:3b:09:27Signer

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 259KB - Virtual size: 258KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 1KB - Virtual size: 1KB

74:48:7d:56:15:ac:a8:4b:b1:09:39:39:ae:6c:14:77
Certificate

20:ca:bc:8f:e5:6a:22:da:01:28:82:1d:47:09:cd:7e:3e:3b:09:27
Signer

.text
Size: 259KB - Virtual size: 258KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 1KB - Virtual size: 1KB