545031fa5e8492908a4e9b61fdd6516e1ff4de7d7cbcf8d4a8347dfd8de466b0

Sharing

Copy URL Twitter E-mail

General

Target

545031fa5e8492908a4e9b61fdd6516e1ff4de7d7cbcf8d4a8347dfd8de466b0
Size

183KB
MD5

ead29687b7c4e76c59269e76a85341b7
SHA1

e4358328f8547d837e42fe5f9a516cba1b00c2ee
SHA256

545031fa5e8492908a4e9b61fdd6516e1ff4de7d7cbcf8d4a8347dfd8de466b0
SHA512

ba57dbb371e40f792f9e69d37bb54a74858890de72e4a5e01ccfb1f83053cb15e71de5fa25c8df748e299247ab34a3aed97acbc6153c01de7f5f348e5f043b5c
SSDEEP

3072:2PDMqqDLy/QmY2hDO1woouAq1cBGpH+H97k0n3i/Us3mPrONNKTdZdvj:ZqqDLuxv8VzA6cO23GUsWUNSn

Score

1^/10

Malware Config

Signatures

Files

545031fa5e8492908a4e9b61fdd6516e1ff4de7d7cbcf8d4a8347dfd8de466b0
.exe windows:4 windows x86 arch:x86

197fb2e5d28ad034a02e3719c06aecb6

Code Sign

01
Certificate

Issuer

O=Internet Widgits Pty Ltd,ST=B,C=AU

Not Before

14/12/2016, 00:58

Not After

14/12/2018, 00:58

Subject

O=Internet Widgits Pty Ltd,ST=Some-State,C=BV

b0:1f:8c:e4:92:f3:29:5b:84:14:0a:3a:04:65:f3:98:63:9b:f6:43
Signer

Actual PE Digest

b0:1f:8c:e4:92:f3:29:5b:84:14:0a:3a:04:65:f3:98:63:9b:f6:43

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2740
ord879
ord2614
ord1979
ord1969
ord2801
ord882
ord273
ord537
ord5186
ord1575
ord2917
ord2803
ord958
ord6312
ord4177
ord603
ord6010
ord5773
ord2601
ord3180
ord3183
ord3176
ord3507
ord3614
ord665
ord823
ord354
ord825
ord5442
ord6385
ord860
ord800
ord815
ord3318
ord561

msvcrt

_controlfp
_except_handler3
_onexit
__dllonexit
__CxxFrameHandler
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_exit
_XcptFilter

kernel32

Sleep
GetCommandLineA
GetModuleHandleA

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@D@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1_Winit@std@@QAE@XZ

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

197fb2e5d28ad034a02e3719c06aecb6

Code Sign

01Certificate

b0:1f:8c:e4:92:f3:29:5b:84:14:0a:3a:04:65:f3:98:63:9b:f6:43Signer

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

msvcp60

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 16KB - Virtual size: 12KB

.rsrc Size: 16KB - Virtual size: 13KB

.tls Size: 124KB - Virtual size: 123KB

.tls Size: 4KB - Virtual size: 3KB

01
Certificate

b0:1f:8c:e4:92:f3:29:5b:84:14:0a:3a:04:65:f3:98:63:9b:f6:43
Signer

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 16KB - Virtual size: 13KB

.tls
Size: 124KB - Virtual size: 123KB

.tls
Size: 4KB - Virtual size: 3KB