404a3992fb0dd28b56eb04d3ea86e7c0d636cb07d389052e7152d4f1e9a170e2

Sharing

Copy URL Twitter E-mail

General

Target

404a3992fb0dd28b56eb04d3ea86e7c0d636cb07d389052e7152d4f1e9a170e2
Size

1.1MB
MD5

63fb916d0cfe8a4e2227b9b1ccbe2359
SHA1

d60fc238912b19e105cb9a2938e06bb18bd79340
SHA256

404a3992fb0dd28b56eb04d3ea86e7c0d636cb07d389052e7152d4f1e9a170e2
SHA512

dbc274ed4e0e5f03aca5bfbef6bf3aafd1d570d4676eade8238f18624bd3a2f5540bcfa99ca8d3c5f166b814baebb1799fcf324ed1107f6a78b946ce729ae12e
SSDEEP

24576:wU0EBbVsCQU0HRc/x7K/L9jLEMMMMMMMdrEH7P9:wUzBbVsCQrRuKT9MMMMMMMMa

Score

1^/10

Malware Config

Signatures

Files

404a3992fb0dd28b56eb04d3ea86e7c0d636cb07d389052e7152d4f1e9a170e2
.exe windows:4 windows x86 arch:x86

1fd98652b63439b71407f5fbc990381e

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23/08/2013, 00:00

Not After

23/09/2024, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:21:7b:19:af:ad:ac:a6:e4:de:40:3a:61:89:3f:e4:b7:b7
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

02/07/2011, 13:47

Not After

07/08/2014, 00:58

Subject

CN=June Fabrics Technology Inc.,O=June Fabrics Technology Inc.,L=Fairfax,ST=VA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\work\test3\Android\PdaGate\Release\PdaNet.pdb

Imports

winmm

PlaySoundA

shlwapi

SHGetValueA
SHDeleteValueA
PathRemoveFileSpecA
UrlEscapeA
PathAppendA

rasapi32

RasEnumEntriesA
RasGetEntryPropertiesA
RasSetEntryPropertiesA
RasEnumDevicesA
RasHangUpA
RasDialA
RasSetEntryDialParamsA

wininet

InternetOpenA
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
InternetOpenUrlA

ws2_32

gethostbyname
ntohl
closesocket
send
ntohs
recv
connect
setsockopt
ioctlsocket
WSAGetLastError
inet_addr
inet_ntoa
htons
WSACleanup
sendto
select
__WSAFDIsSet
recvfrom
htonl
WSALookupServiceBeginW
WSALookupServiceNextW
WSALookupServiceEnd
WSAStartup
socket

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces

psapi

EnumProcesses
GetModuleBaseNameA

kernel32

HeapSize
GetCurrentThread
TlsAlloc
ReadConsoleInputA
SetConsoleMode
TlsSetValue
TlsFree
GetCPInfo
TlsGetValue
GetStdHandle
ExitProcess
HeapCreate
FlushConsoleInputBuffer
GlobalMemoryStatus
GetVersion
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapDestroy
FatalAppExitA
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GlobalUnlock
GlobalLock
GlobalAlloc
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
FlushInstructionCache
GetCurrentProcess
lstrlenW
CloseHandle
CreateThread
lstrlenA
GetCurrentThreadId
GetModuleFileNameA
DeleteFileA
CreateEventA
ResetEvent
RaiseException
SetLastError
Sleep
TerminateThread
GetLastError
FreeLibrary
GetProcAddress
GetOEMCP
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
SetEvent
CreateFileA
InterlockedIncrement
InterlockedDecrement
lstrcmpiA
IsDBCSLeadByte
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
GetModuleHandleA
GetOverlappedResult
WaitForMultipleObjects
DeviceIoControl
CancelIo
WriteFile
ReadFile
WriteProfileStringA
lstrcmpA
lstrcpyA
lstrcpynA
SetCommTimeouts
TerminateProcess
OpenProcess
WinExec
lstrcatA
CreateSemaphoreA
ReleaseSemaphore
GetTickCount
OutputDebugStringA
InterlockedExchange
LocalAlloc
LocalFree
GetTimeZoneInformation
HeapReAlloc
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
GetThreadLocale
GetEnvironmentStringsW
GetLocaleInfoA
GetACP
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
SetConsoleCtrlHandler
GetLocaleInfoW
SetFilePointer
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
PeekConsoleInputA
LoadLibraryA
GetNumberOfConsoleInputEvents

user32

GetParent
GetWindow
SystemParametersInfoA
GetCursorPos
LoadMenuA
GetSubMenu
DeleteMenu
EnableMenuItem
CheckMenuItem
ModifyMenuA
TrackPopupMenu
DestroyMenu
GetDoubleClickTime
CharNextA
GetActiveWindow
FlashWindowEx
MapWindowPoints
MessageBoxA
ShowWindow
DefWindowProcA
GetWindowRect
SetWindowPos
SetWindowTextA
GetWindowLongA
SetWindowLongA
MsgWaitForMultipleObjects
PeekMessageA
IsWindowUnicode
GetMessageW
GetMessageA
TranslateMessage
DispatchMessageW
DispatchMessageA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadImageA
CallWindowProcA
IsChild
EnableWindow
DestroyWindow
PostMessageA
BringWindowToTop
GetClassInfoExA
UnregisterClassA
GetUserObjectInformationW
GetProcessWindowStation
GetDesktopWindow
FindWindowA
LoadCursorA
RegisterClassExA
CreateWindowExA
IsWindowVisible
SetTimer
KillTimer
PostQuitMessage
SetForegroundWindow
IsWindow
GetKeyState
RegisterDeviceNotificationA
GetClientRect
RegisterWindowMessageA
SendMessageA

advapi32

RegCloseKey
RegCreateKeyExA
RegSetValueExW
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
DeregisterEventSource
ReportEventA
RegisterEventSourceA

shell32

ShellExecuteA
Shell_NotifyIconA

ole32

CoTaskMemFree
OleUninitialize
CoTaskMemRealloc
CLSIDFromProgID
StringFromIID
CoTaskMemAlloc
CoInitialize
CoUninitialize
OleInitialize
CoCreateInstance

oleaut32

VarBstrCat
DispCallFunc
VarUI4FromStr
LoadTypeLi
SysStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SysAllocStringLen
VariantCopy
VariantClear
VariantInit
SysFreeString

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

iphlpapi

GetAdaptersInfo

gdi32

CreateDCA
DeleteObject
GetBitmapBits
BitBlt
GetObjectA
SelectObject
CreateCompatibleBitmap
GetDeviceCaps
DeleteDC
CreateCompatibleDC

Sections

.text
Size: 756KB - Virtual size: 754KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fd98652b63439b71407f5fbc990381e

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

04:00:00:00:00:01:2f:4e:e1:35:5cCertificate

Extended Key Usages

Key Usages

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45Certificate

Extended Key Usages

Key Usages

11:21:7b:19:af:ad:ac:a6:e4:de:40:3a:61:89:3f:e4:b7:b7Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

PDB Paths

Imports

winmm

shlwapi

rasapi32

wininet

ws2_32

setupapi

psapi

kernel32

user32

advapi32

shell32

ole32

oleaut32

wtsapi32

iphlpapi

gdi32

Sections

.text Size: 756KB - Virtual size: 754KB

.rdata Size: 152KB - Virtual size: 151KB

.data Size: 52KB - Virtual size: 72KB

.rsrc Size: 60KB - Virtual size: 57KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

11:21:7b:19:af:ad:ac:a6:e4:de:40:3a:61:89:3f:e4:b7:b7
Certificate

.text
Size: 756KB - Virtual size: 754KB

.rdata
Size: 152KB - Virtual size: 151KB

.data
Size: 52KB - Virtual size: 72KB

.rsrc
Size: 60KB - Virtual size: 57KB