e0d653d44beae8134c0d67093adbe318

Sharing

Copy URL Twitter E-mail

General

Target

e0d653d44beae8134c0d67093adbe318
Size

113KB
MD5

e0d653d44beae8134c0d67093adbe318
SHA1

161791d50442b6926a52de9408215f19fcd78699
SHA256

e30e37930a7220840f467ace15f0b430df052625d4ad5cdaac28360b2831ab5b
SHA512

b0731960615ca330d6672a4f3b874276e00bffe2a4843d00a008054bc25940e5fe96a1e70d240635389292e14335b879a16a0eb2b72208c89c5dff712778e7ec
SSDEEP

3072:JK0N5HrqWEnO4jOKl6YJkwL+OgZCBL5tcRz:JK0Nptu56eL+FZML5Ez

Score

1^/10

Malware Config

Signatures

Files

e0d653d44beae8134c0d67093adbe318
.exe windows:4 windows x86 arch:x86

417c57956f366dceed9706012d0863fc

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

ad:40:a2:d9:7f:94:49:05:78:88:43:ef:22:60:41:70
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17/11/2005, 00:00

Not After

17/11/2007, 23:59

Subject

CN=Digital Enterprises\, Inc.,O=Digital Enterprises\, Inc.,POSTALCODE=91307,STREET=23705 Vanowen St. #119,L=West Hills,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Dev\SuperNodes\TrayIcon\Release\TrayIcon.pdb

Imports

kernel32

lstrlenW
FlushInstructionCache
GetCurrentProcess
GetCurrentThreadId
SetLastError
InitializeCriticalSection
DeleteCriticalSection
GetLastError
lstrcmpiA
lstrcatA
CloseHandle
lstrcpyA
lstrcpynA
Sleep
IsDBCSLeadByte
InterlockedIncrement
SetEvent
FreeLibrary
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetCommandLineA
LocalFree
FormatMessageA
GetExitCodeProcess
CreateProcessA
EnterCriticalSection
FlushFileBuffers
VirtualQuery
GetSystemInfo
VirtualProtect
SetStdHandle
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetFilePointer
GetCPInfo
GetOEMCP
IsBadCodePtr
IsBadReadPtr
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
IsBadWritePtr
HeapCreate
HeapDestroy
HeapSize
TerminateProcess
TlsAlloc
GetModuleFileNameA
lstrlenA
LeaveCriticalSection
InterlockedDecrement
MultiByteToWideChar
WideCharToMultiByte
InterlockedExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
TlsGetValue
TlsSetValue
TlsFree
SetUnhandledExceptionFilter
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
InterlockedCompareExchange
GetProcessHeap
HeapFree

user32

RegisterClassExA
UnregisterClassA
wsprintfA
SetWindowLongA
PostMessageA
UpdateWindow
PeekMessageA
PostQuitMessage
GetMessageA
TranslateMessage
DispatchMessageA
ShowWindow
PostThreadMessageA
FindWindowA
CharUpperA
CharNextA
LoadIconA
CallWindowProcA
GetWindowLongA
CreateWindowExA
IsWindow
DestroyIcon
DefWindowProcA
GetDoubleClickTime
SetTimer
KillTimer
SetForegroundWindow
LoadMenuA
GetSubMenu
EnableMenuItem
GetCursorPos
TrackPopupMenu
DestroyMenu
DestroyWindow
LoadCursorA
GetClassInfoExA

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA

shell32

Shell_NotifyIconA

ole32

CoInitialize
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
StringFromGUID2
CoTaskMemAlloc

oleaut32

VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
SysStringLen
LoadTypeLi
LoadRegTypeLi
SysAllocString
VariantClear
VariantInit
SysFreeString
SysAllocStringLen

shlwapi

PathFindExtensionA

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

417c57956f366dceed9706012d0863fc

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

ad:40:a2:d9:7f:94:49:05:78:88:43:ef:22:60:41:70Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 12KB - Virtual size: 10KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

ad:40:a2:d9:7f:94:49:05:78:88:43:ef:22:60:41:70
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 12KB - Virtual size: 10KB