a5afde0e3e80d9a521017cdfe84064d0

Sharing

Copy URL

Twitter E-mail

General

Target

a5afde0e3e80d9a521017cdfe84064d0
Size

45KB
MD5

a5afde0e3e80d9a521017cdfe84064d0
SHA1

e51cad263e94670b073412de530742f3431db622
SHA256

d89ce9aba65ebcfd8a28321e25dea360a7965d0fda2f895bba3a9e2f1cdd5aa1
SHA512

fbceea4309e9bc39785353ad1913a1009a543ddcaa219a7b014c26941c52e39120b5bbc6925cd30b65cde8c111632ead96de358f171681459a07ca7cfb91e595
SSDEEP

768:RIhi3I9NV/K0a8pWNp1ndqvG1fGKAjHslK1ycDN4PRg8:mhi49fo/7Y18

Score

1^/10

Malware Config

Signatures

Files

a5afde0e3e80d9a521017cdfe84064d0
.exe windows:5 windows x86 arch:x86

8711c024c2cf432e8029b8cd92b75f42

Code Sign

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18
Certificate

Issuer

CN=t123612333

Not Before

05-02-2012 18:21

Not After

31-12-2039 23:59

Subject

CN=t123612333

Extended Key Usages

ExtKeyUsageCodeSigning

92:8d:75:64:2a:bb:49:b8:ba:24:cf:a0:d7:42:15:8d:65:20:f4:84
Signer

Actual PE Digest

92:8d:75:64:2a:bb:49:b8:ba:24:cf:a0:d7:42:15:8d:65:20:f4:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommConfig
SetCommState
SetComputerNameExA
SetComputerNameExW
SetComputerNameW
SetConsoleMode
SetEnvironmentVariableA
SetFileAttributesA
SetFileTime
SetPriorityClass
SetStdHandle
SetCalendarInfoW
SetWaitableTimer
SignalObjectAndWait
Sleep
TerminateJobObject
TlsFree
TransactNamedPipe
UnlockFileEx
WriteFileGather
WriteProfileStringA
WriteTapemark
lstrcpyA
ResetWriteWatch
ReadConsoleOutputW
ReadConsoleInputW
QueryPerformanceFrequency
MoveFileExW
Module32First
LockFile
LocalShrink
LocalFileTimeToFileTime
LoadResource
IsBadStringPtrA
HeapAlloc
Heap32ListFirst
GlobalUnlock
GlobalSize
GlobalMemoryStatusEx
GlobalMemoryStatus
GlobalHandle
GlobalAddAtomA
GetWindowsDirectoryW
GetVersion
GetUserDefaultLCID
GetTimeFormatW
GetTimeFormatA
GetThreadSelectorEntry
GetTempFileNameA
GetSystemDefaultLangID
GetStringTypeA
GetProcessPriorityBoost
GetNumberFormatW
GetLongPathNameW
GetLocalTime
GetDiskFreeSpaceExA
GetCurrentThreadId
GetCurrentDirectoryA
GetCurrencyFormatA
GetConsoleTitleW
GetConsoleAliasesLengthA
GetComputerNameExA
GetCommState
GetCommMask
GetBinaryTypeW
GetAtomNameW
FormatMessageW
FoldStringA
FindResourceExA
FindResourceA
FindFirstVolumeMountPointA
FillConsoleOutputAttribute
EnumLanguageGroupLocalesW
EnumResourceNamesA
EnumDateFormatsExW
EnumCalendarInfoW
EndUpdateResourceA
DnsHostnameToComputerNameA
CreateTimerQueueTimer
CreateSemaphoreW
CreateRemoteThread
CreateProcessW
CreateProcessA
CreateEventW
CreateDirectoryW
CopyFileExW
CopyFileA
CompareStringA
ChangeTimerQueueTimer
BuildCommDCBAndTimeoutsW
BuildCommDCBAndTimeoutsA
BeginUpdateResourceW
LoadLibraryA
GetProcAddress
SetThreadContext
VirtualAlloc

gdi32

cGetTTFFromFOT
XFORMOBJ_bApplyXform
UnloadNetworkFonts
StartDocW
SetStretchBltMode
SetMapMode
SetLayout
SetDIBColorTable
SetBkMode
SelectPalette
SaveDC
RemoveFontResourceTracking
PtInRegion
Polyline
PolyDraw
PlayEnhMetaFile
PATHOBJ_vEnumStart
GetTextFaceAliasW
GetTextExtentExPointA
GetNearestPaletteIndex
GetLayout
GetFontAssocStatus
GetDeviceCaps
GetDCOrgEx
GetCurrentPositionEx
GetCurrentObject
GetBitmapDimensionEx
GdiGetPageHandle
GdiGetDevmodeForPage
GdiGetCharDimensions
GdiDeleteSpoolFileHandle
GdiComment
FlattenPath
FONTOBJ_pxoGetXform
EngGetDriverName
EngCreateSemaphore
EngBitBlt
EngAcquireSemaphore
EndDoc
CreateMetaFileW
CreateFontIndirectW
CreateFontIndirectA
CreateDCA
CombineTransform
ChoosePixelFormat
CheckColorsInGamut
CLIPOBJ_bEnum
AnyLinkedFonts
GetStockObject
gdiPlaySpoolStream

comdlg32

ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
ReplaceTextW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.set
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uuj
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8711c024c2cf432e8029b8cd92b75f42

Code Sign

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18Certificate

Extended Key Usages

92:8d:75:64:2a:bb:49:b8:ba:24:cf:a0:d7:42:15:8d:65:20:f4:84Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

comdlg32

Sections

.text Size: 6KB - Virtual size: 6KB

.set Size: 25KB - Virtual size: 25KB

.uuj Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 152B

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 1KB - Virtual size: 1KB

0f:1d:b0:a6:2c:6d:d5:b2:47:86:46:85:24:2c:9b:18
Certificate

92:8d:75:64:2a:bb:49:b8:ba:24:cf:a0:d7:42:15:8d:65:20:f4:84
Signer

.text
Size: 6KB - Virtual size: 6KB

.set
Size: 25KB - Virtual size: 25KB

.uuj
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 152B

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 1KB - Virtual size: 1KB