bb3a82523131cd19322e130c39f697fb

Sharing

Copy URL Twitter E-mail

General

Target

bb3a82523131cd19322e130c39f697fb
Size

34KB
MD5

bb3a82523131cd19322e130c39f697fb
SHA1

a654076968d5e826291ff05b2555948dee68baae
SHA256

d4f039835c9a8da9810d07b4ecf25bbd43144bbafb58a80c3a000bf93cbcdad8
SHA512

b1b859c50a48b805947e4c51cb2961aa93bfcd1bc28181ef0b8ed9106cef43f167ce063acc2c47dbf670393216bc825131b16963a86bfdd5373319e26809816e
SSDEEP

768:DKnuovUvlV9+ZHFsF4tEIGSe+jy/gT9Ohiw9Djx:ZnvlD0tEdS8/2OhiEDjx

Score

1^/10

Malware Config

Signatures

Files

bb3a82523131cd19322e130c39f697fb
.exe windows:4 windows x86 arch:x86

44288b41f01b8c95746532193b5e2734

Code Sign

3a:db:3d:b1:a9:03:4e:45:b8:41:47:0b:ed:13:f0:d1
Certificate

Issuer

CN=7Tltl41ROBKK

Not Before

17/03/2012, 06:09

Not After

31/12/2039, 23:59

Subject

CN=7Tltl41ROBKK

Extended Key Usages

ExtKeyUsageCodeSigning

1c:a2:b1:ae:dc:ac:93:6b:bd:66:49:e6:20:bd:4c:56:8b:00:9c:c0
Signer

Actual PE Digest

1c:a2:b1:ae:dc:ac:93:6b:bd:66:49:e6:20:bd:4c:56:8b:00:9c:c0

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetLogicalDriveStringsA
LoadLibraryW
PostQueuedCompletionStatus
WinExec
BuildCommDCBAndTimeoutsW
OpenMutexW
CreateJobObjectA
CreateFileW
GetFileAttributesExW
GetTapeParameters
GetShortPathNameW
GetStringTypeExA
HeapAlloc
RaiseException
WritePrivateProfileStructA
LoadLibraryExA
GetSystemTime
SystemTimeToFileTime
LockFileEx
GetProfileIntA
CreateWaitableTimerA
GetCommandLineW
GetAtomNameW
CommConfigDialogW
GetEnvironmentVariableA
Heap32ListNext
SetProcessWorkingSetSize
EnumLanguageGroupLocalesW
SetSystemTimeAdjustment
VerLanguageNameA
OpenJobObjectW
FindCloseChangeNotification
GetStartupInfoA
Thread32Next
AddConsoleAliasA
SetComputerNameA
GetCPInfoExA
GetFullPathNameA
UnlockFile
FreeLibrary
GetCurrentConsoleFont
GetComputerNameA
EnumResourceTypesA
CancelWaitableTimer
BackupWrite
GetStringTypeA
WritePrivateProfileSectionW
ReadConsoleA
FillConsoleOutputAttribute
GetTapeStatus
VerifyVersionInfoA
ReadConsoleOutputCharacterW
SetDefaultCommConfigA
FindNextVolumeMountPointA
VirtualProtectEx
GetComputerNameExA
GetLocaleInfoA
AddAtomA
WriteTapemark
GetVolumeNameForVolumeMountPointW
FindResourceExW
Heap32First
ClearCommError
CreateHardLinkA
GetLongPathNameW
SetPriorityClass
ContinueDebugEvent
GetHandleInformation
BuildCommDCBA
SetLastError
WriteProcessMemory
FreeConsole
TransactNamedPipe
GetFileAttributesW
MapViewOfFileEx
GetEnvironmentStringsA
lstrlenW
SignalObjectAndWait
SetComputerNameW
GetDevicePowerState
CreateSemaphoreA
SetThreadAffinityMask
OpenMutexA
FindResourceW
GetEnvironmentStringsW
DeleteVolumeMountPointW
CreateDirectoryExW
CreateIoCompletionPort
VirtualProtect
GetSystemWindowsDirectoryA
GetEnvironmentVariableW
GetLocalTime
SetThreadContext

gdi32

OffsetViewportOrgEx
SetViewportExtEx
GetStretchBltMode
SetLayoutWidth
GetCharWidthW
GdiFlush
GetMetaFileA
GdiDllInitialize
GetGlyphOutline
CreateEllipticRgnIndirect
PtVisible
GetClipBox
SetBoundsRect
GetEnhMetaFileBits
SetPolyFillMode
GdiEntry4
EngFindResource
SetMetaFileBitsEx
EngCreateDeviceBitmap
GdiEntry14
GetRegionData
GetMetaFileW
CreateEnhMetaFileA
EngDeletePalette
AddFontResourceExA
GetNearestPaletteIndex
StrokeAndFillPath
SetPixelFormat
CreatePolygonRgn
XFORMOBJ_bApplyXform
CreateRoundRectRgn
GdiEntry5
GdiGetSpoolMessage
GdiEndPageEMF
GdiConsoleTextOut
GetArcDirection
EndDoc
ExtCreatePen
GdiEntry6
PATHOBJ_vEnumStartClipLines
RemoveFontResourceExA
EqualRgn
GdiProcessSetup
CreateScalableFontResourceW
cGetTTFFromFOT
GetCharWidthInfo
PathToRegion
Polygon
GdiCleanCacheDC
PolyPolyline
LPtoDP
SetMagicColors
GdiCreateLocalEnhMetaFile
GetEUDCTimeStampExW
CreateCompatibleBitmap
CLIPOBJ_ppoGetPath
GetPath
SaveDC
FrameRgn
ResetDCA
GdiDeleteLocalDC
GdiGetPageHandle
ExtFloodFill
GetBkColor
EngComputeGlyphSet
GetTextExtentExPointWPri
GetPolyFillMode
GdiGetCodePage
GdiValidateHandle
GetOutlineTextMetricsW
CreateBrushIndirect
GetStringBitmapA
CopyEnhMetaFileA
CancelDC
EngStretchBltROP
EngCheckAbort
IntersectClipRect
GetTextMetricsA
GdiStartDocEMF
CreateEnhMetaFileW
GdiEntry8
GetAspectRatioFilterEx
GetTextExtentPointI
PlgBlt
SetBitmapDimensionEx
PolylineTo
FlattenPath
GetWinMetaFileBits
DeviceCapabilitiesExA
GdiConvertEnhMetaFile
GetColorAdjustment

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44288b41f01b8c95746532193b5e2734

Code Sign

3a:db:3d:b1:a9:03:4e:45:b8:41:47:0b:ed:13:f0:d1Certificate

Extended Key Usages

1c:a2:b1:ae:dc:ac:93:6b:bd:66:49:e6:20:bd:4c:56:8b:00:9c:c0Signer

Headers

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 20KB - Virtual size: 20KB

.text4 Size: 1024B - Virtual size: 1000B

.text3 Size: 1024B - Virtual size: 1000B

.text2 Size: 1024B - Virtual size: 800B

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 924B

3a:db:3d:b1:a9:03:4e:45:b8:41:47:0b:ed:13:f0:d1
Certificate

1c:a2:b1:ae:dc:ac:93:6b:bd:66:49:e6:20:bd:4c:56:8b:00:9c:c0
Signer

.text
Size: 20KB - Virtual size: 20KB

.text4
Size: 1024B - Virtual size: 1000B

.text3
Size: 1024B - Virtual size: 1000B

.text2
Size: 1024B - Virtual size: 800B

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 924B