GTASACenter_Setup_Rel_2_1_1[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

GTASACenter_Setup_Rel_2_1_1.exe
Size

5.3MB
MD5

ce72f95e66381154b5f5f1ceb0fa19fc
SHA1

fa245ad14f8a353ca5034d6d6157e9b26ebee18d
SHA256

fff5760846ccb79f71a654101db72bb70e8d948b2ea5fe3b22ca7cb8152ee1d1
SHA512

e4e3ac2ec68bd45b5cd0e978f1dd3d53441614981a22633255ff4aad34d5d45ff76fcd3b8fa60105cccc1070f815f5858f0b457254aea1c2903285dcddc9ebc8
SSDEEP

98304:ZczshYuCIvSgsptJwOxEUMo9rkFgT3YMbwo/yrryzwkMlhrv3YFeFVuDEVYZ:JmmBspnvxEkeF4bwoWrIlMzj3YFauDE4

Score

1^/10

Malware Config

Signatures

Files

GTASACenter_Setup_Rel_2_1_1.exe
.exe windows:4 windows x86 arch:x86

81638d02019c0bfcaaf23a9c69f2f12c

Code Sign

Certificate

Issuer

CN=Estetiksoft Root CA,O=Estetiksoft Root CA,ST=NRW,C=DE,1.2.840.113549.1.9.1=#0c13726f6f74406573746574696b736f66742e6465

Not Before

27/08/2005, 14:40

Not After

25/08/2015, 14:40

Subject

CN=Estetiksoft Root CA,O=Estetiksoft Root CA,ST=NRW,C=DE,1.2.840.113549.1.9.1=#0c13726f6f74406573746574696b736f66742e6465

3e:5e:fe:d1:61:f0:06:4d:b0:78:87:b8:f8:27:12:2f
Certificate

Issuer

CN=Estetiksoft Root CA,O=Estetiksoft Root CA,ST=NRW,C=DE,1.2.840.113549.1.9.1=#0c13726f6f74406573746574696b736f66742e6465

Not Before

27/08/2005, 15:27

Not After

31/12/2039, 23:59

Subject

CN=GTAForums,OU=Open Source Projects,O=Estetiksoft,L=Essen,ST=Nordrhein Westfallen,C=DE,1.2.840.113549.1.9.1=#0c18677461666f72756d73406573746574696b736f66742e6465

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04/12/2003, 00:00

Not After

03/12/2008, 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
WaitForSingleObject
CreateProcessA
GetCommandLineA
CloseHandle
UnmapViewOfFile
WriteFile
MapViewOfFile
DeleteFileA
GetTempFileNameA
GetTempPathA
CreateFileA
GetShortPathNameA
GetModuleFileNameA

user32

wsprintfA

Sections

.text
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 533B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81638d02019c0bfcaaf23a9c69f2f12c

Code Sign

Certificate

3e:5e:fe:d1:61:f0:06:4d:b0:78:87:b8:f8:27:12:2fCertificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 512B - Virtual size: 510B

.rdata Size: 1024B - Virtual size: 533B

.data Size: 512B - Virtual size: 20B

.rsrc Size: 5.3MB - Virtual size: 5.3MB

3e:5e:fe:d1:61:f0:06:4d:b0:78:87:b8:f8:27:12:2f
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

.text
Size: 512B - Virtual size: 510B

.rdata
Size: 1024B - Virtual size: 533B

.data
Size: 512B - Virtual size: 20B

.rsrc
Size: 5.3MB - Virtual size: 5.3MB