9e74d1020ac85fb218415008a4de33dee509fcd95d5f6f2b0d8545a2caa67a02

Sharing

Copy URL Twitter E-mail

General

Target

9e74d1020ac85fb218415008a4de33dee509fcd95d5f6f2b0d8545a2caa67a02
Size

2.8MB
MD5

7b73fb1ed208b37880657b42c2e2e682
SHA1

22a65477ae1ac40150b02cc553b2c4bc157e43fb
SHA256

9e74d1020ac85fb218415008a4de33dee509fcd95d5f6f2b0d8545a2caa67a02
SHA512

93085eac8f77b82a1cc0764dabb40719637d6fbbf2d55a9bc0e0af883ab791b67dac9a4115935217f212f52d7240648b8da72c52d63b35d1da4c213977c7aea9
SSDEEP

49152:NW1TFg0XW2EyMm2AkJ9ql9p5/oUzq6Z4f2O8+uBBYnlWZWi/ALASNfHbEuO0l/:Nki0mtoGF6rOL+SnlWZWi/AXN1O05

Score

1^/10

Malware Config

Signatures

Files

9e74d1020ac85fb218415008a4de33dee509fcd95d5f6f2b0d8545a2caa67a02
.exe windows:4 windows x86 arch:x86

4b81ee2e747dac86cbf875d007b416b2

Code Sign

07:a1:4f:f1:af:c7:28:73:f9:8f:af:bb:da:fe:41:0f
Certificate

Issuer

OU=VeriSign Commercial Software Publishers CA,O=VeriSign\, Inc.,L=Internet

Not Before

01/08/2000, 00:00

Not After

25/07/2001, 23:59

Subject

CN=Dell Computer Corporation,OU=VeriSign Commercial Software Publishers CA+OU=www.verisign.com/repository/RPA Incorp. by Ref.\,LIAB.LTD(c)98+OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Personal Systems Group,O=VeriSign\, Inc.,L=Internet+L=Round Rock,ST=Texas,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
GetClientRect
GetSystemMetrics
BeginPaint
GetSysColor
SetWindowWord
SetRect
EndPaint
RegisterClassA
UpdateWindow
GetWindowWord
LoadCursorA
OemToCharA
OemToCharBuffA
EnableWindow
SetWindowTextA
SendMessageA
ShowWindow
PostMessageA
GetLastActivePopup
KillTimer
SetTimer
GetWindowRect
DialogBoxIndirectParamA
SetCursor
SetWindowPos
GetDlgItemTextA
EndDialog
GetKeyState
PeekMessageA
TranslateMessage
DispatchMessageA
GetParent
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItem
InvalidateRect
wsprintfA
MessageBoxA

kernel32

CreateDirectoryA
_lwrite
RtlUnwind
SetFileTime
GetModuleHandleA
SetErrorMode
GetCommandLineA
GetTempPathA
GetModuleFileNameA
GetVersion
GetWindowsDirectoryA
LocalFree
GlobalUnlock
LocalAlloc
GlobalFree
GlobalAlloc
GlobalHandle
GetProfileStringA
lstrcmpiA
GlobalLock
_llseek
_lclose
WinExec
lstrlenA
_lread
_lopen
FindClose
FindFirstFileA
SetCurrentDirectoryA
_lcreat
lstrcpyA
lstrcatA
LocalFileTimeToFileTime
DosDateTimeToFileTime

gdi32

SetBkColor
SetTextAlign
GetTextExtentPoint32A
GetBkColor
SetTextColor
DeleteObject
ExtTextOutA
CreateDCA
GetDeviceCaps
CreateFontIndirectA
DeleteDC
SelectObject

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 147B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

_winzip_
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b81ee2e747dac86cbf875d007b416b2

Code Sign

07:a1:4f:f1:af:c7:28:73:f9:8f:af:bb:da:fe:41:0fCertificate

Key Usages

Signer

Headers

File Characteristics

Imports

user32

kernel32

gdi32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 512B - Virtual size: 147B

.data Size: 3KB - Virtual size: 5KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

_winzip_ Size: 2.7MB - Virtual size: 2.7MB

07:a1:4f:f1:af:c7:28:73:f9:8f:af:bb:da:fe:41:0f
Certificate

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 512B - Virtual size: 147B

.data
Size: 3KB - Virtual size: 5KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB

_winzip_
Size: 2.7MB - Virtual size: 2.7MB