0276904e0d7fcf409aa770c0c6ea1a905af30ad4a06f884b8477dc385115523e

Sharing

Copy URL Twitter E-mail

General

Target

0276904e0d7fcf409aa770c0c6ea1a905af30ad4a06f884b8477dc385115523e
Size

2.4MB
MD5

8e95b38ab07339df4cea6055c9378021
SHA1

20e951b17fefd13b2ccf2b6ca52aed7ff4267b02
SHA256

0276904e0d7fcf409aa770c0c6ea1a905af30ad4a06f884b8477dc385115523e
SHA512

42b0cf13948e5910e5391a091d5ba25df7def483ccded7d1e2e66d65ababface3442021bba869fe0c69134b8bb027a5f9dc86cfd623ab3db34e05f6effc5ae7b
SSDEEP

49152:FyPcqRVOkaWAqFnpu0WqpHl3TlCI2ZbTd1/doldoD:FyPczkP9pu0pHl3TlCI2Zl5doldoD

Score

1^/10

Malware Config

Signatures

Files

0276904e0d7fcf409aa770c0c6ea1a905af30ad4a06f884b8477dc385115523e
.exe windows:4 windows x86 arch:x86

2e1ced632212fec5e1fc8c6796fb2dc3

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:12:b6:4c:a4:ba:3f:10:38:d9:ea:d6:a9:aa:29:77
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

21/01/2013, 00:00

Not After

21/01/2016, 23:59

Subject

CN=Blue Mango Multimedia LLC,O=Blue Mango Multimedia LLC,POSTALCODE=22101,STREET=1948 Foxhall Road,L=McLean,ST=Virginia,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b1:2a:a8:3c:91:9a:c6:f8:10:b1:26:c3:9a:8f:cd:07:71:ca:15:34
Signer

Actual PE Digest

b1:2a:a8:3c:91:9a:c6:f8:10:b1:26:c3:9a:8f:cd:07:71:ca:15:34

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Workspace\livecode\_build\windows\release\standalone-commercial.pdb

Imports

oleaut32

VariantInit
VariantChangeType
VariantClear
SysStringLen
SysAllocStringLen

winmm

timeKillEvent
mciSendCommandA
mciGetErrorStringA
mciSendStringA
waveOutReset
waveOutClose
waveOutGetVolume
waveOutOpen
waveOutSetVolume
waveOutWrite
waveOutUnprepareHeader
timeBeginPeriod
waveOutPrepareHeader
timeEndPeriod
timeGetTime
timeSetEvent

imm32

ImmSetCandidateWindow
ImmSetCompositionWindow
ImmReleaseContext
ImmGetCompositionStringW
ImmGetCompositionStringA
ImmGetContext
ImmNotifyIME
ImmGetProperty

ws2_32

__WSAFDIsSet
WSASetLastError
ntohs
getservbyport
gethostbyaddr
htons
getservbyname
htonl
select
sendto
recvfrom
recv
send
setsockopt
listen
bind
connect
WSAGetLastError
accept
closesocket
WSAAsyncSelect
socket
WSAIoctl
inet_ntoa
getpeername
getsockname
inet_addr
ioctlsocket
gethostname
WSAStartup
gethostbyname

rpcrt4

UuidToStringA
RpcStringFreeA

msimg32

AlphaBlend

user32

InvalidateRect
MessageBoxA
PostThreadMessageW
PostThreadMessageA
CreateWindowExA
wsprintfA
MsgWaitForMultipleObjects
PeekMessageA
PostMessageA
AdjustWindowRectEx
SetWindowLongA
GetWindowLongA
GetWindowRect
MoveWindow
EnableWindow
UpdateLayeredWindow
DestroyWindow
RedrawWindow
SetLayeredWindowAttributes
SetWindowPos
EnableMenuItem
GetSystemMenu
SetWindowLongW
CreateWindowExW
IsWindowVisible
GetWindowLongW
UpdateWindow
InvalidateRgn
EndPaint
BeginPaint
GetUpdateRgn
SetWindowRgn
SetParent
DefWindowProcA
GetParent
SendMessageA
SetCursorPos
GetAsyncKeyState
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
DestroyIcon
LoadCursorA
SetCursor
LoadIconA
RegisterClassW
RegisterClassA
GetCaretBlinkTime
GetDoubleClickTime
GetDesktopWindow
FindWindowA
FindWindowExA
KillTimer
SetActiveWindow
GetMessageA
ScrollWindowEx
ClientToScreen
MessageBeep
SetWindowTextW
SetWindowTextA
GetActiveWindow
BeginDeferWindowPos
DeferWindowPos
GetWindow
EndDeferWindowPos
TrackPopupMenu
CreatePopupMenu
InsertMenuItemA
GetMenuItemCount
GetMenuItemInfoA
GetSystemMetrics
CreateIconIndirect
GetClipboardFormatNameA
RegisterClipboardFormatA
WindowFromPoint
RegisterWindowMessageA
TranslateMessage
DispatchMessageW
PeekMessageW
DispatchMessageA
GetFocus
IsWindowUnicode
DefWindowProcW
GetMessageTime
GetKeyboardLayout
ReleaseDC
ReleaseCapture
GetCursorPos
GetKeyboardState
GetKeyState
FillRect
GetClientRect
SetForegroundWindow
SendMessageTimeoutA
ScreenToClient
SetCapture
SetRect
SetFocus
ShowWindow
GetDC

gdi32

CreateEnhMetaFileW
CreateFontIndirectW
GetObjectType
TranslateCharsetInfo
GetTextCharset
GetDCOrgEx
SetDIBitsToDevice
CreateDCA
StartPage
AbortDoc
EndDoc
StartDocA
GetWindowOrgEx
GetWindowExtEx
CreateRectRgnIndirect
BeginPath
CreateBrushIndirect
MoveToEx
LineTo
ExtEscape
StretchDIBits
EndPath
WidenPath
SelectClipPath
GetClipBox
GetObjectW
CreateCompatibleBitmap
CreateICA
GetDeviceCaps
GetEnhMetaFileHeader
SetMapMode
SetViewportExtEx
MaskBlt
GetTextExtentPoint32W
TextOutW
TextOutA
RoundRect
Polygon
PolyPolyline
Polyline
SetBrushOrgEx
UnrealizeObject
CreateSolidBrush
CreatePatternBrush
CreateBitmap
ExtCreatePen
GdiFlush
ExtSelectClipRgn
SetTextColor
SetBkColor
GetObjectA
SetTextAlign
Ellipse
Pie
Arc
CreateDIBSection
SetWinMetaFileBits
SetEnhMetaFileBits
PlayEnhMetaFile
EnumEnhMetaFile
PlayEnhMetaFileRecord
SetROP2
SetViewportOrgEx
EnumFontFamiliesA
CreateFontIndirectA
GetTextFaceA
GetCharWidth32A
GetTextExtentPoint32A
CreateDIBitmap
GetTextMetricsA
CloseEnhMetaFile
GetEnhMetaFileBits
DeleteEnhMetaFile
CreateEnhMetaFileA
CreateCompatibleDC
DeleteDC
CreateMetaFileA
SetWindowOrgEx
SetWindowExtEx
SetBkMode
SetStretchBltMode
SaveDC
StretchBlt
RestoreDC
CloseMetaFile
DeleteMetaFile
LPtoDP
ExtCreateRegion
GetRegionData
GetStockObject
Rectangle
SelectClipRgn
CombineRgn
OffsetRgn
SetRectRgn
GetRgnBox
CreateRectRgn
DeleteObject
BitBlt
SelectObject
EndPage

winspool.drv

DeviceCapabilitiesA
DocumentPropertiesA
ClosePrinter
OpenPrinterA
ord203
ord201
EnumPrintersA

comdlg32

GetOpenFileNameA
CommDlgExtendedError
PrintDlgA
ChooseColorA
PrintDlgExA
GetSaveFileNameA
PageSetupDlgA

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA

shell32

Shell_NotifyIconA
SHBrowseForFolderA
SHGetMalloc
DragQueryFileA
SHGetSpecialFolderLocation
ShellExecuteA
ShellExecuteExA
SHGetPathFromIDListA

ole32

CLSIDFromProgID
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
ProgIDFromCLSID
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
CoTaskMemFree
OleInitialize
CoCreateInstance
CoCreateGuid
OleUninitialize
OleGetClipboard

usp10

ScriptBreak
ScriptStringAnalyse
ScriptLayout
ScriptItemize
ScriptStringOut
ScriptShape
ScriptPlace
ScriptFreeCache

mscms

DeleteColorTransform
GetColorProfileHeader
CreateMultiProfileTransform
TranslateBitmapBits
OpenColorProfileA
CloseColorProfile

crypt32

CertEnumCertificatesInStore
CertCloseStore
CertVerifyTimeValidity
CertOpenSystemStoreW
CertVerifyCRLTimeValidity
CertEnumCRLsInStore

iphlpapi

GetNetworkParams
GetAdaptersInfo

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

kernel32

SetHandleInformation
CreateProcessA
ResumeThread
GetModuleHandleA
GetProcAddress
FreeLibrary
IsDBCSLeadByteEx
WideCharToMultiByte
GetLocaleInfoA
MultiByteToWideChar
FindClose
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
ReadFile
CloseHandle
UnmapViewOfFile
GetFileSize
GetLastError
GetLogicalDriveStringsA
GetCurrentDirectoryA
TerminateProcess
GetExitCodeProcess
WaitForSingleObject
PeekNamedPipe
Sleep
TerminateThread
FindNextFileA
FindFirstFileA
MapViewOfFile
CreateFileMappingA
SetCommTimeouts
SetCommState
BuildCommDCBA
GetCommState
CreateFileA
SetThreadPriority
CreateThread
GetShortPathNameA
lstrcpyA
FreeEnvironmentStringsA
GetEnvironmentStrings
GetCurrentThreadId
GetWindowsDirectoryA
GetTempPathA
lstrlenA
SetEvent
ResetEvent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateEventW
DeleteCriticalSection
SwitchToFiber
DeleteFiber
CreateFiberEx
ConvertThreadToFiber
GetModuleFileNameA
SetErrorMode
GlobalAlloc
GlobalUnlock
GlobalLock
OpenProcess
LoadLibraryA
DuplicateHandle
MulDiv
GetCurrentProcessId
GetFileInformationByHandle
DeleteFileA
GetACP
GetLocaleInfoW
GlobalSize
GetProfileStringA
GlobalFree
Beep
CreateMutexA
GetModuleHandleW
ReleaseMutex
FindNextFileW
FindFirstFileW
GetFileAttributesW
GlobalReAlloc
ExitProcess
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
HeapReAlloc
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
GetTimeZoneInformation
GetSystemTimeAsFileTime
SetFileAttributesA
MoveFileA
SetConsoleCtrlHandler
InterlockedIncrement
InterlockedDecrement
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ExitThread
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
RaiseException
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
WriteConsoleW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
VirtualAlloc
GetCPInfo
GetOEMCP
OpenThread
SetCurrentDirectoryA
GetFileAttributesA
GetNamedPipeInfo
GetCurrentProcess
GetSystemDirectoryA
CreatePipe
CreateDirectoryA
RemoveDirectoryA
LoadLibraryExA
GetVersionExA
CopyFileA
GetStdHandle
LCMapStringA
LCMapStringW
IsDebuggerPresent
GetFullPathNameA
SetEnvironmentVariableA
SetEnvironmentVariableW
HeapSize
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetStdHandle
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
GetDiskFreeSpaceW

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.project
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2e1ced632212fec5e1fc8c6796fb2dc3

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

37:12:b6:4c:a4:ba:3f:10:38:d9:ea:d6:a9:aa:29:77Certificate

Extended Key Usages

Key Usages

b1:2a:a8:3c:91:9a:c6:f8:10:b1:26:c3:9a:8f:cd:07:71:ca:15:34Signer

Headers

File Characteristics

PDB Paths

Imports

oleaut32

winmm

imm32

ws2_32

rpcrt4

msimg32

user32

gdi32

winspool.drv

comdlg32

advapi32

shell32

ole32

usp10

mscms

crypt32

iphlpapi

version

kernel32

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 196KB - Virtual size: 194KB

.data Size: 88KB - Virtual size: 99KB

.project Size: 44KB - Virtual size: 44KB

.rsrc Size: 312KB - Virtual size: 312KB

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

37:12:b6:4c:a4:ba:3f:10:38:d9:ea:d6:a9:aa:29:77
Certificate

b1:2a:a8:3c:91:9a:c6:f8:10:b1:26:c3:9a:8f:cd:07:71:ca:15:34
Signer

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 196KB - Virtual size: 194KB

.data
Size: 88KB - Virtual size: 99KB

.project
Size: 44KB - Virtual size: 44KB

.rsrc
Size: 312KB - Virtual size: 312KB