cd5b83d0bd0c77e8019ac2576cb21e00N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

cd5b83d0bd0c77e8019ac2576cb21e00N.exe
Size

182KB
MD5

cd5b83d0bd0c77e8019ac2576cb21e00
SHA1

667b974c4267f8da8db53f4fe52ad7c7afb6b185
SHA256

636a02316b0d9d5e76a8cda37d264afa2fdf955c394ada2d9349711d29273ddf
SHA512

93c553139e5bcd3447342b83b039da318d14e71b7c67262f7a341f2d613de493927d358a0666b1d5f0c453a91cdf0709df350125c4f0a949451d2ae1f7ebcba4
SSDEEP

3072:P9RJi5HnWCbpxAwlO6oNBKTUUrV7PORyrU41fW2l/ZyWUjz65FnFmDUPEPd:hi9nWWxzU9jUJ7POR1yfW2lBdSzqWDU+

Score

1^/10

Malware Config

Signatures

Files

cd5b83d0bd0c77e8019ac2576cb21e00N.exe
.exe windows:5 windows x86 arch:x86

27c356765b9ab8092cbb8eb7c6552602

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

Issuer

CN=222222222

Not Before

13/02/2012, 04:39

Not After

31/12/2039, 23:59

Subject

CN=222222222

Extended Key Usages

ExtKeyUsageCodeSigning

cf:04:db:a4:c9:07:00:4b:ee:9a:34:96:ac:30:0e:dc:a3:fd:34:77
Signer

Actual PE Digest

cf:04:db:a4:c9:07:00:4b:ee:9a:34:96:ac:30:0e:dc:a3:fd:34:77

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
GetProcAddress
LoadLibraryA
VirtualAlloc
GetWindowsDirectoryW

user32

DdeClientTransaction
DdeConnect
DdeDisconnectList
DdeGetLastError
DdeImpersonateClient
DdeReconnect
DefDlgProcA
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DialogBoxParamA
DlgDirListComboBoxA
DlgDirListW
DrawIconEx
EndTask
EnumClipboardFormats
EnumDesktopsA
EnumDisplaySettingsA
EnumDisplaySettingsExW
EnumDisplaySettingsW
EqualRect
ExcludeUpdateRgn
ExitWindowsEx
FillRect
FindWindowExA
FindWindowW
FlashWindowEx
FrameRect
GetActiveWindow
GetClassInfoExW
GetClassNameA
GetClipCursor
GetDC
GetDCEx
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetFocus
GetGUIThreadInfo
GetIconInfo
GetKeyboardLayout
GetKeyboardLayoutNameW
GetKeyboardType
GetMenuContextHelpId
GetMenuInfo
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMessageExtraInfo
GetMessageTime
GetMessageW
GetNextDlgGroupItem
GetParent
GetQueueStatus
GetScrollBarInfo
GetSystemMenu
DdeAddData
GetUserObjectInformationA
GetWindowLongA
GetWindowModuleFileNameA
GetWindowTextA
GetWindowTextW
IMPSetIMEW
InSendMessageEx
InflateRect
InvalidateRgn
IsCharAlphaNumericW
IsClipboardFormatAvailable
IsDlgButtonChecked
IsRectEmpty
IsWindowEnabled
IsWindowVisible
LoadAcceleratorsA
LoadBitmapW
LoadCursorFromFileA
LoadImageA
LoadKeyboardLayoutW
MapVirtualKeyA
MapVirtualKeyExA
MessageBeep
ModifyMenuA
MonitorFromRect
MsgWaitForMultipleObjects
OpenDesktopA
RealGetWindowClass
RegisterClassA
RegisterClipboardFormatW
RegisterDeviceNotificationW
SendIMEMessageExA
SendMessageTimeoutW
SendMessageW
SetActiveWindow
SetCaretBlinkTime
SetCaretPos
SetCursor
SetDlgItemTextW
SetLastErrorEx
SetMenu
SetMenuItemBitmaps
SetProcessDefaultLayout
SetProcessWindowStation
SetShellWindow
SetWindowTextA
SetWindowTextW
SetWindowWord
SetWindowsHookExA
ShowOwnedPopups
TabbedTextOutA
ToUnicodeEx
TrackMouseEvent
UnionRect
UnregisterClassW
UnregisterDeviceNotification
WINNLSEnableIME
WINNLSGetEnableStatus
wsprintfW
wvsprintfW
DdeAbandonTransaction
CreateMenu
CreateMDIWindowW
CreateIcon
CreateDialogIndirectParamW
CreateAcceleratorTableW
CountClipboardFormats
CharUpperBuffW
CharToOemW
CharLowerBuffA
CharLowerA
ChangeMenuW
ChangeDisplaySettingsA
CascadeChildWindows
CallNextHookEx
CallMsgFilterA
CallMsgFilter
BroadcastSystemMessageW
BroadcastSystemMessageA
BeginPaint
AdjustWindowRect
GetSystemMetrics

comdlg32

ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
ChooseColorA

ole32

CLSIDFromProgID
CLSIDFromProgIDEx
CoAllowSetForegroundWindow
CoBuildVersion
CoCreateInstance
CoDisconnectObject
CoFileTimeNow
CoFreeAllLibraries
CoGetCallContext
CoGetCancelObject
CoGetClassObject
CoGetCurrentLogicalThreadId
CoGetCurrentProcess
CoGetMarshalSizeMax
CoGetObject
CoGetObjectContext
CoGetStandardMarshal
CoGetTreatAsClass
CoInitialize
CoInitializeSecurity
CoInitializeWOW
CoMarshalHresult
CoQueryAuthenticationServices
CoRegisterChannelHook
CoRegisterMessageFilter
CoRegisterSurrogate
CoRegisterSurrogateEx
CoReleaseServerProcess
CoRevokeMallocSpy
CoSetProxyBlanket
CoSwitchCallContext
CoTaskMemAlloc
CoTaskMemFree
CoTreatAsClass
CoUnloadingWOW
CoUnmarshalInterface
CreateAntiMoniker
CreateDataCache
CreateGenericComposite
CreateILockBytesOnHGlobal
CreateObjrefMoniker
CreateOleAdviseHolder
CreatePointerMoniker
CreateStdProgressIndicator
FmtIdToPropStgName
FreePropVariantArray
GetConvertStg
GetDocumentBitStg
GetHGlobalFromILockBytes
GetRunningObjectTable
HACCEL_UserMarshal
HACCEL_UserUnmarshal
HBITMAP_UserFree
HBITMAP_UserMarshal
HBRUSH_UserFree
HDC_UserFree
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserSize
HGLOBAL_UserMarshal
HGLOBAL_UserUnmarshal
HICON_UserMarshal
HMENU_UserFree
HMENU_UserMarshal
HMENU_UserSize
HMETAFILE_UserFree
HMETAFILE_UserSize
HMETAFILE_UserUnmarshal
HPALETTE_UserFree
HWND_UserMarshal
OleCreateDefaultHandler
OleCreateEmbeddingHelper
OleCreateFromDataEx
OleCreateLinkEx
OleCreateLinkFromDataEx
OleCreateLinkToFile
OleCreateMenuDescriptor
OleCreateStaticFromData
OleDraw
OleGetIconOfClass
OleInitializeWOW
OleIsRunning
OleMetafilePictFromIconAndLabel
OleNoteObjectVisible
OleQueryCreateFromData
OleQueryLinkFromData
OleRegGetUserType
OleSave
OleSaveToStream
OleSetClipboard
OleUninitialize
OpenOrCreateStream
PropVariantCopy
ReadFmtUserTypeStg
ReadStringStream
RegisterDragDrop
RevokeDragDrop
SNB_UserFree
SNB_UserMarshal
SNB_UserSize
STGMEDIUM_UserFree
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
StgConvertPropertyToVariant
StgCreateDocfile
StgCreateDocfileOnILockBytes
StgCreatePropStg
StgCreateStorageEx
StgGetIFillLockBytesOnFile
StgGetIFillLockBytesOnILockBytes
StgOpenPropStg
StgOpenStorage
StgOpenStorageOnILockBytes
StgPropertyLengthAsVariant
StgSetTimes
StringFromIID
UtConvertDvtd32toDvtd16
UtGetDvtd32Info
WdtpInterfacePointer_UserSize
WriteClassStg
WriteClassStm
WriteOleStg

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text6
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text5
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

27c356765b9ab8092cbb8eb7c6552602

Code Sign

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83Certificate

Extended Key Usages

cf:04:db:a4:c9:07:00:4b:ee:9a:34:96:ac:30:0e:dc:a3:fd:34:77Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

ole32

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 620B

.text6 Size: 2KB - Virtual size: 1KB

.text7 Size: 1024B - Virtual size: 1000B

.text5 Size: 163KB - Virtual size: 162KB

.reloc Size: 2KB - Virtual size: 2KB

46:ee:15:bb:9a:4e:fa:74:b9:39:db:2c:e7:08:fd:83
Certificate

cf:04:db:a4:c9:07:00:4b:ee:9a:34:96:ac:30:0e:dc:a3:fd:34:77
Signer

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 620B

.text6
Size: 2KB - Virtual size: 1KB

.text7
Size: 1024B - Virtual size: 1000B

.text5
Size: 163KB - Virtual size: 162KB

.reloc
Size: 2KB - Virtual size: 2KB