360232de749b12e35d77c954f16e6992977bdde0851b8cb05c6713bdf094778d

Sharing

Copy URL Twitter E-mail

General

Target

360232de749b12e35d77c954f16e6992977bdde0851b8cb05c6713bdf094778d
Size

371KB
MD5

7e6385c503170c2d054b747caca09bc1
SHA1

b27529a022f4c3a97a626553480c4bc9e5a66bc1
SHA256

360232de749b12e35d77c954f16e6992977bdde0851b8cb05c6713bdf094778d
SHA512

518a5e0d035246386ec5b9c6c9daee4ab61b6eab2c48edbf502d7fa3c2db52ac677263e481f2ee26a2accdc0f3d710c27651d89572013d501d91d1345839fa10
SSDEEP

3072:kYpH+pvks0R0bFl0Mf7Ofx9p/DfwjEWlWLxQtI/hmhZcxLNuhmhZcxLNqvF94w3r:kYpXs1b70M6314ZlWL/hnhuhnhqvF93r

Score

1^/10

Malware Config

Signatures

Files

360232de749b12e35d77c954f16e6992977bdde0851b8cb05c6713bdf094778d
.exe windows:4 windows x86 arch:x86

cec58715b8535093f8cda87c602056cf

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

29/01/1996, 00:00

Not After

01/08/2028, 23:59

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:9a:4a:00:9a:aa:4a:16:8b:66:de:0b:6e:30:c3:c2
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

09/10/2007, 00:00

Not After

08/10/2010, 23:59

Subject

CN=MYOB Technology Pty Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Product Development,O=MYOB Technology Pty Ltd.,L=Melbourne,ST=Victoria,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

00:14:a7:fa:3f:3c:0d:88:44:5c:b4:2a:41:b4:59:ee:b3:3c:c9:00
Signer

Actual PE Digest

00:14:a7:fa:3f:3c:0d:88:44:5c:b4:2a:41:b4:59:ee:b3:3c:c9:00

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
GetStringTypeA
GetStdHandle
SetHandleCount
GetFileType
SetStdHandle
HeapAlloc
HeapFree
GetOEMCP
GetACP
HeapReAlloc
GetVersion
GetStartupInfoA
GetModuleHandleA
GetFileAttributesA
MoveFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
GetCurrentProcess
TerminateProcess
ExitProcess
RtlUnwind
HeapSize
RaiseException
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
LCMapStringA
LCMapStringW
VirtualAlloc
MultiByteToWideChar
GetCommandLineA
GetModuleFileNameA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetProfileStringA
GetPrivateProfileIntA
GetCurrentThread
LoadLibraryA
GetProcAddress
lstrcmpiA
lstrcmpA
FlushFileBuffers
CreateFileA
DeleteFileA
CloseHandle
SetFilePointer
SetEndOfFile
GetLastError
WriteFile
ReadFile
SearchPathA
GlobalReAlloc
GlobalHandle
lstrcpyA
GlobalCompact
GlobalSize
GetDiskFreeSpaceA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
FreeResource
GetVersionExA
lstrlenA
GetCPInfo

user32

GetDesktopWindow
GetLastActivePopup
ShowWindow
GetWindowTextA
SetWindowTextA
GetPropA
SetPropA
FillRect
GetSysColor
InvertRect
DrawFocusRect
DrawTextA
GetParent
IsZoomed
ClientToScreen
GetSystemMetrics
OffsetRect
ScreenToClient
wsprintfA
InvalidateRect
IsWindowVisible
GetWindowThreadProcessId
GetActiveWindow
BringWindowToTop
LoadCursorA
DestroyCursor
HideCaret
GetKeyState
IsDialogMessageA
TranslateMDISysAccel
GetMessageA
RegisterWindowMessageA
RegisterClassA
IsChild
DefFrameProcA
DefWindowProcA
PostMessageA
GetMessageTime
DefMDIChildProcA
EndPaint
BeginPaint
CallWindowProcA
RemovePropA
CloseClipboard
GetClipboardData
OpenClipboard
EnumChildWindows
SetCursor
GetDialogBaseUnits
DestroyWindow
GetMessagePos
DialogBoxIndirectParamA
SetWindowLongA
CreateCaret
ShowCaret
GetWindowRect
EnableWindow
SendMessageA
IsWindow
GetNextDlgTabItem
GetClassNameA
IsWindowEnabled
EndDialog
GetDlgItem
GetDlgItemTextA
SetDlgItemTextA
LoadIconA
SendDlgItemMessageA
CreateWindowExA
CreateDialogIndirectParamA
GetFocus
LoadStringA
MessageBeep
MessageBoxA
GetDC
ReleaseDC
PeekMessageA
TranslateMessage
DispatchMessageA
GetClientRect
SetFocus
UpdateWindow
SetRect
PtInRect
CharUpperA
GetWindow
GetWindowLongA
InflateRect

gdi32

TextOutA
RealizePalette
CreateDIBitmap
SelectObject
PatBlt
DeleteObject
SaveDC
GetTextColor
GetBkColor
IntersectClipRect
SetTextAlign
RestoreDC
CreatePalette
CreateBitmap
GetDeviceCaps
DeleteDC
BitBlt
StretchBlt
SetStretchBltMode
CreateCompatibleDC
CreateFontIndirectA
GetStockObject
CreatePen
CreateSolidBrush
CreatePatternBrush
CreateHatchBrush
CreateRectRgn
CombineRgn
SetMapperFlags
GetTextMetricsA
GetTextFaceA
SetBkMode
SetBkColor
SetTextColor
GetTextExtentPointA
GetRgnBox
Rectangle
LineTo
MoveToEx
PaintRgn
GetCharWidthA
SelectPalette

comdlg32

GetOpenFileNameA

myobsp32

_DMSetVersionInfo@8
_DMGetVersionInfo@4
_DMGetFirstRollbackRecord@8
_DMUpdateRollbackRecord@8
_DMAddRollbackRecord@8
_DMGetNextRollbackRecord@8
_DMNewNumberedRecord@16
_DMUseRecord@12
_DMSetRecHandle@16
_DMReleaseRecord@12
_DMCloseFile@12
_DMOpenFile@8
_DMGetRecordCount@8
_DMFirstRecord@16
_DMNextRecord@16
_DMReSyncNextSetID@12
_DMInitialize@8
_DMOpenDataFile@24
_DMSetCountryCode@8
_DMCalculateApproxFileSize@12
_DMGetAlternateSequence@16
_DMGetDODANameList@12
_DMGetConditionalIndexList@12
_DMCreateMYOBDat@12
_DMCloseDataFile@8
_DMExit@4
_DMGetError@4
_DMGetLastError@8

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cec58715b8535093f8cda87c602056cf

Code Sign

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bfCertificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

41:9a:4a:00:9a:aa:4a:16:8b:66:de:0b:6e:30:c3:c2Certificate

Extended Key Usages

Key Usages

00:14:a7:fa:3f:3c:0d:88:44:5c:b4:2a:41:b4:59:ee:b3:3c:c9:00Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

myobsp32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 32KB

.rsrc Size: 216KB - Virtual size: 212KB

70:ba:e4:1d:10:d9:29:34:b6:38:ca:7b:03:cc:ba:bf
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

41:9a:4a:00:9a:aa:4a:16:8b:66:de:0b:6e:30:c3:c2
Certificate

00:14:a7:fa:3f:3c:0d:88:44:5c:b4:2a:41:b4:59:ee:b3:3c:c9:00
Signer

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 32KB

.rsrc
Size: 216KB - Virtual size: 212KB