d62e07e0e6b8a10bb8829b7b29d510951d66d9fc17e3502a58d44919e4c3231fN

Sharing

Copy URL

Twitter E-mail

General

Target

d62e07e0e6b8a10bb8829b7b29d510951d66d9fc17e3502a58d44919e4c3231fN
Size

288KB
MD5

e278a0582a721ac30591f3855a4d8eb0
SHA1

d13150b99b6b8191efb4bcb0fbd8faf22bc3eac9
SHA256

d62e07e0e6b8a10bb8829b7b29d510951d66d9fc17e3502a58d44919e4c3231f
SHA512

40612263fea22e09f0c1700fca5a4425dbd37cab1fcd798c0edf55bb5a26c2ec1bcffefba3c63380245b91589615ba58730588c99506f68d0c8d4a1fc8974d51
SSDEEP

6144:OKZBzsuDVx33lyUqqLSwAohoRaSwu5z469o09ZXbFslhe:dNsGVpz9A3RGh0r2lhe

Score

1^/10

Malware Config

Signatures

Files

d62e07e0e6b8a10bb8829b7b29d510951d66d9fc17e3502a58d44919e4c3231fN
.exe windows:4 windows x86 arch:x86

81fc10dbb4b074784c2387f6137cd50e

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

Issuer

CN=62esgfdgs

Not Before

23-02-2012 09:44

Not After

31-12-2039 23:59

Subject

CN=62esgfdgs

Extended Key Usages

ExtKeyUsageCodeSigning

80:d4:93:5f:5a:e3:ec:6e:eb:3c:f3:a0:ef:49:7a:40:91:6e:4c:e2
Signer

Actual PE Digest

80:d4:93:5f:5a:e3:ec:6e:eb:3c:f3:a0:ef:49:7a:40:91:6e:4c:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryW
lstrlenW
lstrcpyW
CreateFileW
VirtualAlloc
GetPrivateProfileSectionA
OpenJobObjectA
ContinueDebugEvent
InitializeCriticalSection
DosDateTimeToFileTime
lstrlen
GetProfileSectionW
GetHandleInformation
GetCommMask
InitializeCriticalSectionAndSpinCount
SetThreadPriority
GetVersionExA
ReadConsoleW
EscapeCommFunction
lstrcmpi
VirtualLock
RtlMoveMemory
BuildCommDCBA
IsSystemResumeAutomatic
WriteFileGather
FindNextFileW
GetComputerNameA
FreeResource
WaitForMultipleObjectsEx
GetVolumeNameForVolumeMountPointW
Heap32ListFirst
SetMessageWaitingIndicator
Beep
GetFileAttributesA
EnumResourceNamesA
UpdateResourceW
VirtualQuery
MapUserPhysicalPages
FlushInstructionCache
GetTempPathW
CreateTapePartition
CreateMailslotW
GetSystemWindowsDirectoryW
FileTimeToSystemTime
EnumSystemCodePagesW
lstrcpyA
GetCurrentProcess
FreeConsole
DeleteCriticalSection
TlsGetValue
IsValidLocale
AreFileApisANSI
GetNumberFormatA
UnmapViewOfFile
GetExitCodeThread
Thread32First
SetProcessPriorityBoost
GetComputerNameExW
WritePrivateProfileSectionW
GetComputerNameExA
GetConsoleAliasesLengthW
ReadConsoleA
DnsHostnameToComputerNameW
HeapLock
SetConsoleCursorInfo
TerminateThread
EnumResourceLanguagesA
DeleteFileA
GetEnvironmentStrings
GetSystemInfo
GetCPInfoExW
GetFileSize
GetMailslotInfo
SetLocalTime
EndUpdateResourceW
FillConsoleOutputAttribute
GetSystemDefaultLangID
GetCPInfoExA
_lcreat
CreateConsoleScreenBuffer
GetProfileIntA
DuplicateHandle
GetCurrentProcessId
CompareFileTime
WriteProfileStringA
Process32FirstW
GlobalUnWire
CopyFileExW
GetConsoleCursorInfo
GetTimeFormatA
Module32NextW
CreateFileMappingW
PurgeComm
WriteConsoleOutputAttribute
SetProcessAffinityMask
_lread
GlobalFlags
CreateRemoteThread
GetStringTypeExW
GetTapeStatus
SetCurrentDirectoryA
GenerateConsoleCtrlEvent
HeapValidate
FindNextChangeNotification
SetFileApisToANSI
DeleteAtom
GetSystemPowerStatus
IsProcessorFeaturePresent
GetFileAttributesExW
CreateNamedPipeW
GetConsoleAliasExesLengthW
DefineDosDeviceW
WritePrivateProfileStringA
GetCommConfig
EnumSystemLocalesW
GetCommandLineA
VerifyVersionInfoW
HeapSize
GetDiskFreeSpaceExA
SetEndOfFile
SetConsoleTextAttribute
FatalAppExitW
SetSystemTimeAdjustment
SetProcessShutdownParameters
WriteConsoleInputW
FindFirstVolumeMountPointW
GetNamedPipeInfo
ScrollConsoleScreenBufferA
GetCommandLineW
GetCommState
GetConsoleAliasesW
CompareStringA
GetComputerNameW
SetVolumeLabelW
MulDiv
FindResourceExA
SetSystemPowerState
ReadFileEx
GetFullPathNameA
SetFileTime
SetHandleCount
WaitNamedPipeA
SetConsoleMode

advapi32

RegOpenKeyExW

comctl32

ImageList_GetImageRect
ImageList_SetDragCursorImage
ImageList_Destroy
FlatSB_SetScrollPos
ImageList_Remove
FlatSB_EnableScrollBar
ImageList_DragShowNolock
CreatePropertySheetPage
ImageList_Duplicate
CreatePropertySheetPageA
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
PropertySheetA
ImageList_SetImageCount
ord13
ImageList_GetBkColor
ImageList_Copy
ord14
FlatSB_SetScrollRange
ImageList_LoadImageW
ImageList_SetIconSize
DrawStatusText
ImageList_BeginDrag
UninitializeFlatSB
PropertySheetW
CreateToolbarEx
InitMUILanguage
ImageList_EndDrag
ImageList_Draw
ord6
FlatSB_GetScrollPos
ImageList_LoadImage
ImageList_Merge
ImageList_DragMove
ImageList_GetDragImage
ImageList_GetIconSize
_TrackMouseEvent
ord2
ImageList_GetImageInfo
CreatePropertySheetPageW
ImageList_SetBkColor
ImageList_DragEnter
ImageList_Replace
ImageList_DrawIndirect
ImageList_GetImageCount
ord17
ImageList_SetOverlayImage
ord4
ord15
InitializeFlatSB
CreateStatusWindowW
ImageList_Write
ImageList_DrawEx
ImageList_ReplaceIcon
ImageList_Create
ImageList_LoadImageA
ImageList_Add
ord8
PropertySheet
FlatSB_GetScrollInfo
FlatSB_GetScrollProp
ord16
ImageList_AddMasked
ImageList_Read
ImageList_SetFilter
ImageList_DragLeave
FlatSB_SetScrollProp
ord3
CreateStatusWindow
GetMUILanguage
InitCommonControlsEx
ImageList_GetIcon

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text11
Size: 263KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text12
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textH3
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH4
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH1
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH5
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH6
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH7
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH8
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH9
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH10
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.textH11
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81fc10dbb4b074784c2387f6137cd50e

Code Sign

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47Certificate

Extended Key Usages

80:d4:93:5f:5a:e3:ec:6e:eb:3c:f3:a0:ef:49:7a:40:91:6e:4c:e2Signer

Headers

File Characteristics

Imports

kernel32

advapi32

comctl32

Sections

.text Size: 4KB - Virtual size: 3KB

.text11 Size: 263KB - Virtual size: 263KB

.text12 Size: 2KB - Virtual size: 1KB

.textH3 Size: 512B - Virtual size: 500B

.textH4 Size: 512B - Virtual size: 500B

.textH1 Size: 512B - Virtual size: 500B

.textH5 Size: 512B - Virtual size: 500B

.textH6 Size: 512B - Virtual size: 500B

.textH7 Size: 512B - Virtual size: 500B

.textH8 Size: 512B - Virtual size: 500B

.textH9 Size: 512B - Virtual size: 500B

.textH10 Size: 512B - Virtual size: 500B

.textH11 Size: 512B - Virtual size: 500B

.data Size: 6KB - Virtual size: 6KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

70:e7:24:0e:9c:31:68:6c:b8:90:13:5d:55:bb:50:47
Certificate

80:d4:93:5f:5a:e3:ec:6e:eb:3c:f3:a0:ef:49:7a:40:91:6e:4c:e2
Signer

.text
Size: 4KB - Virtual size: 3KB

.text11
Size: 263KB - Virtual size: 263KB

.text12
Size: 2KB - Virtual size: 1KB

.textH3
Size: 512B - Virtual size: 500B

.textH4
Size: 512B - Virtual size: 500B

.textH1
Size: 512B - Virtual size: 500B

.textH5
Size: 512B - Virtual size: 500B

.textH6
Size: 512B - Virtual size: 500B

.textH7
Size: 512B - Virtual size: 500B

.textH8
Size: 512B - Virtual size: 500B

.textH9
Size: 512B - Virtual size: 500B

.textH10
Size: 512B - Virtual size: 500B

.textH11
Size: 512B - Virtual size: 500B

.data
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB