61756c66edbf91582ae21a8493a724de5a522caf955afcb1fdfb3899ccc8c4cc

Sharing

Copy URL Twitter E-mail

General

Target

61756c66edbf91582ae21a8493a724de5a522caf955afcb1fdfb3899ccc8c4cc
Size

3.8MB
MD5

513cc9fae0f1da1173a8209048db7281
SHA1

154be3c57d19121f5b08c0a8a59c3c0b410c29bf
SHA256

61756c66edbf91582ae21a8493a724de5a522caf955afcb1fdfb3899ccc8c4cc
SHA512

66c6bfb80f0a690367fbb9997389b94b0d77c035be655cf406cb211d200d262d9da0d1aa5588e84bf4ee74fc2ad4fb8b65edebb397a560ff5589bc11c670c6c8
SSDEEP

98304:BAVXFuqC3bKr1lRMxQ6D2UsiiUlD3OIZMi+3IfdbsZKrlbm1m9Af6dYG9laZZbfZ:BAV1GQ8VQIZMiCF

Score

1^/10

Malware Config

Signatures

Files

61756c66edbf91582ae21a8493a724de5a522caf955afcb1fdfb3899ccc8c4cc
.exe windows:5 windows x86 arch:x86

b391f1e4fbc7cbe018c7e3d295973f23

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

11:05:13:0c:98:cb:73:56:28:1b:7e:b5:b3:82:8c:a9
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

12/08/2013, 00:00

Not After

12/08/2015, 23:59

Subject

CN=Rene.E Laboratory Co.\, Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Rene.E Laboratory Co.\, Ltd.,L=Jiangmen,ST=Guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

51:cb:8a:22:65:b0:1c:5d:03:c0:7a:e7:33:03:e4:7e:b8:08:87:d7
Signer

Actual PE Digest

51:cb:8a:22:65:b0:1c:5d:03:c0:7a:e7:33:03:e4:7e:b8:08:87:d7

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\StarBurnSDK\Samples\StarBurn Core\MSVC\ImageBurner\Win32\Release Static libcmt\ImageBurner.pdb

Imports

kernel32

HeapReAlloc
HeapQueryInformation
HeapSize
GetSystemInfo
VirtualQuery
SetStdHandle
GetFileType
SetUnhandledExceptionFilter
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
HeapCreate
QueryPerformanceCounter
UnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
LCMapStringW
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetDateFormatW
GetTimeFormatW
ExitThread
GetSystemTimeAsFileTime
HeapFree
EncodePointer
DecodePointer
ExitProcess
RtlUnwind
RaiseException
GetStartupInfoW
HeapSetInformation
IsBadReadPtr
IsBadWritePtr
CreateEventA
FindFirstFileA
FindNextFileA
DeviceIoControl
GetTimeZoneInformation
GetModuleHandleA
GetModuleFileNameA
GetSystemTime
GetVersionExA
CreateFileA
GetUserDefaultLCID
SearchPathW
GetProfileIntW
GetTickCount
GetNumberFormatW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
GetFileTime
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
SetErrorMode
FindResourceExW
lstrcpyW
GetSystemDirectoryW
GlobalFlags
SystemTimeToFileTime
FileTimeToSystemTime
GlobalGetAtomNameW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetFullPathNameW
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
lstrcmpiW
GetThreadLocale
VirtualProtect
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
SuspendThread
SetThreadPriority
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
InterlockedExchange
GetCurrentProcessId
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
CompareStringW
InitializeCriticalSectionAndSpinCount
ActivateActCtx
DeactivateActCtx
lstrcmpW
CopyFileW
GlobalSize
lstrcmpA
SetLastError
GetVersion
GetLocalTime
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentDirectoryW
LoadLibraryW
FreeResource
GlobalLock
GlobalUnlock
GlobalFree
MulDiv
CreateEventW
ResumeThread
CreateWaitableTimerW
SetWaitableTimer
WaitForMultipleObjects
SetEvent
ResetEvent
LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
FreeLibrary
SetFilePointerEx
ReadFile
WriteFile
DeleteFileW
GetCurrentDirectoryA
GetLastError
GetCommandLineW
FormatMessageW
LocalFree
FindResourceW
LoadResource
LockResource
SizeofResource
FindFirstFileW
CreateFileW
GetFileSizeEx
FindClose
GetModuleFileNameW
SetCurrentDirectoryW
GlobalAlloc
CreateThread
GetDriveTypeA
WaitForSingleObject
CloseHandle
lstrlenW
QueryDosDeviceA
lstrlenA
GetVolumeInformationW
WideCharToMultiByte
MultiByteToWideChar
TerminateProcess
OutputDebugStringA

user32

WindowFromPoint
DeleteMenu
IntersectRect
UnregisterClassW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRectEmpty
CopyImage
RealChildWindowFromPoint
GetSysColorBrush
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
MapVirtualKeyW
GetKeyNameTextW
CharUpperW
GetSystemMetrics
LoadMenuW
SetWindowContextHelpId
MapDialogRect
GetAsyncKeyState
ShowOwnedPopups
GetMessageW
TranslateMessage
GetCursorPos
PostQuitMessage
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowThreadProcessId
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
CheckDlgButton
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
IsCharLowerW
DestroyWindow
WaitMessage
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
GetMonitorInfoW
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
IsWindowVisible
ValidateRect
UpdateWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowLongW
CopyRect
GetWindow
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDoubleClickTime
CharUpperBuffW
CopyIcon
RemoveMenu
RedrawWindow
MessageBoxW
SendMessageW
DestroyCursor
PtInRect
GetClientRect
LoadImageW
KillTimer
SetTimer
ShowWindow
BringWindowToTop
IsWindow
SetWindowPos
GetWindowRect
SendNotifyMessageW
SetWindowLongW
LoadIconW
SetForegroundWindow
GetSystemMenu
InsertMenuW
PostMessageW
GetParent
InvalidateRect
GetDC
IsIconic
DestroyIcon
CharNextW
OffsetRect
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
IsZoomed
SetWindowRgn
GetProcessWindowStation
ReleaseDC
GetSysColor
FillRect
SetFocus
ReleaseCapture
SetCapture
SetActiveWindow
EnableWindow
SetCursor
LoadCursorW
GetWindowDC
GetUserObjectInformationA
MessageBoxA
GetWindowRgn
DrawIcon
SubtractRect
UnhookWindowsHookEx
MapVirtualKeyExW
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
PostThreadMessageW
CreateMenu
IsMenu
UpdateLayeredWindow
UnionRect
MonitorFromPoint
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
RegisterClipboardFormatW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
SetParent
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
GetMenuDefaultItem
LockWindowUpdate
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
DrawFocusRect
DrawFrameControl
DrawEdge
DrawIconEx
DrawStateW
SetClassLongW
NotifyWinEvent
CreatePopupMenu
GetTopWindow
DestroyAcceleratorTable

gdi32

SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
SelectPalette
GetObjectType
CreateHatchBrush
CreateRectRgnIndirect
PatBlt
CreateFontIndirectW
GetTextExtentPoint32W
CreateDIBitmap
GetTextMetricsW
EnumFontFamiliesW
GetTextCharsetInfo
SetRectRgn
MoveToEx
GetMapMode
DPtoLP
EnumFontFamiliesExW
GetBkColor
GetTextColor
GetRgnBox
CreateDIBSection
CreateRoundRectRgn
CreatePolygonRgn
CreateEllipticRgn
Polyline
Ellipse
Polygon
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
RealizePalette
GetSystemPaletteEntries
OffsetRgn
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
GetTextFaceW
SetPixelV
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
CreateDCW
CopyMetaFileW
CreateFontW
GetDeviceCaps
DeleteObject
CreateCompatibleBitmap
DeleteDC
CreateSolidBrush
BitBlt
CreatePen
SelectObject
CombineRgn
GetStockObject
CreateCompatibleDC

msimg32

AlphaBlend
TransparentBlt

comdlg32

GetFileTitleA
GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegQueryValueW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegEnumKeyExW
RegEnumValueW

shell32

SHBrowseForFolderW
ShellExecuteW
CommandLineToArgvW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragFinish
SHGetPathFromIDListW
SHAppBarMessage
DragQueryFileW

comctl32

ord17
ImageList_GetIconSize

shlwapi

PathFileExistsA
SHGetValueW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathRemoveFileSpecW

ole32

DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitializeEx
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateStreamOnHGlobal
CoInitialize
CoTaskMemFree
CoUninitialize
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
OleGetClipboard

oleaut32

SysAllocString
VariantCopy
VariantInit
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
VariantChangeType
VariantClear
SysAllocStringLen
OleLoadPicture
SysFreeString

oledlg

OleUIBusyW

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

gdiplus

GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdipDrawImageI

imm32

ImmReleaseContext
ImmGetContext
ImmGetOpenStatus

winmm

PlaySoundW

Exports

Exports

A0DB34FC6FE35D429A28ADDE5467D4D7

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

SPTD
Size: 1024B - Virtual size: 921B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 447KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b391f1e4fbc7cbe018c7e3d295973f23

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

11:05:13:0c:98:cb:73:56:28:1b:7e:b5:b3:82:8c:a9Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

51:cb:8a:22:65:b0:1c:5d:03:c0:7a:e7:33:03:e4:7e:b8:08:87:d7Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

oleacc

gdiplus

imm32

winmm

Exports

Exports

Sections

.text Size: 1.4MB - Virtual size: 1.4MB

SPTD Size: 1024B - Virtual size: 921B

.rdata Size: 447KB - Virtual size: 446KB

.data Size: 43KB - Virtual size: 144KB

.rsrc Size: 1.9MB - Virtual size: 1.9MB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

11:05:13:0c:98:cb:73:56:28:1b:7e:b5:b3:82:8c:a9
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

51:cb:8a:22:65:b0:1c:5d:03:c0:7a:e7:33:03:e4:7e:b8:08:87:d7
Signer

.text
Size: 1.4MB - Virtual size: 1.4MB

SPTD
Size: 1024B - Virtual size: 921B

.rdata
Size: 447KB - Virtual size: 446KB

.data
Size: 43KB - Virtual size: 144KB

.rsrc
Size: 1.9MB - Virtual size: 1.9MB