2024092549de47474f8acec3a2a78e00d7e25a64floxifmagniber

Sharing

Copy URL Twitter E-mail

General

Target

2024092549de47474f8acec3a2a78e00d7e25a64floxifmagniber
Size

18.7MB
MD5

49de47474f8acec3a2a78e00d7e25a64
SHA1

d4de5e3cc6a34388921c2376fd8bfcc499eabe01
SHA256

cb0385f64b301613d0a6f91f31842042710c9d66f935aef00f8169ba7e22c176
SHA512

3330361fc61510e8b8c28b928e7a3eb0384dbddf055aa7d7179d57f0ba5cfb009059aca19b9830dbf1ccb35382be3680cc752cbb7e51bf87ab6aa8b974d9bb01
SSDEEP

393216:AwKqu+CSotfbU35EtaxtMmanJof+yB7rRY+L3um32s:/9JpEtaxtMmaGfP73Lv32s

Score

1^/10

Malware Config

Signatures

Files

2024092549de47474f8acec3a2a78e00d7e25a64floxifmagniber
.exe windows:5 windows x86 arch:x86

447b6878fe42aa2c8ca0f3cc81598f87

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10/05/2010, 00:00

Not After

10/05/2015, 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a5:9f:51:84:24:a1:91:fc:34:e8:b6:37:f7:fb:20:c3
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

08/04/2009, 00:00

Not After

07/04/2012, 23:59

Subject

CN=Comodo Security Solutions\, Inc.,O=Comodo Security Solutions\, Inc.,POSTALCODE=07310,STREET=525 Washington Blvd,L=Jersey City,ST=New Jersey,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f8:0d:8d:e1:d5:0f:12:ec:b8:67:3f:2e:b6:26:61:ff:b7:c8:e5:d1
Signer

Actual PE Digest

f8:0d:8d:e1:d5:0f:12:ec:b8:67:3f:2e:b6:26:61:ff:b7:c8:e5:d1

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\ComodoTimeMachine\src\Symbols\Extrat86.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
EnumResourceTypesW
EnumResourceNamesW
LocalSize
GetExitCodeThread
TerminateThread
ResetEvent
OpenProcess
LoadLibraryExW
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
VirtualAlloc
IsDebuggerPresent
UnhandledExceptionFilter
CloseHandle
CreateFileW
DeviceIoControl
MultiByteToWideChar
SetLastError
GetSystemDefaultLCID
GetModuleFileNameW
SizeofResource
LockResource
LoadResource
FindResourceW
GetFileAttributesW
Sleep
GetModuleHandleW
FreeResource
GetTempPathW
GetTempFileNameW
CreateMutexW
GetLastError
GetSystemDefaultLangID
CreateThread
WaitForSingleObject
DeleteFileW
MoveFileExW
GetWindowsDirectoryW
CreateDirectoryW
SetFilePointer
WriteFile
ReadFile
FindFirstFileW
FindClose
FlushFileBuffers
GetProcAddress
GetCurrentProcess
HeapAlloc
GetProcessHeap
HeapReAlloc
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
HeapSize
ExitProcess
RaiseException
RtlUnwind
GetStartupInfoW
GetFileTime
GetFileSizeEx
SetErrorMode
WritePrivateProfileStringW
GlobalFlags
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
lstrlenA
HeapFree
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
GetCurrentProcessId
CreateEventW
WideCharToMultiByte
MulDiv
lstrlenW
LocalFree
SetEvent
ResumeThread
SetThreadPriority
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
InterlockedDecrement
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
LoadLibraryW
CompareStringW
LoadLibraryA
FreeLibrary
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW

user32

InvalidateRect
SetRectEmpty
DestroyIcon
UnregisterClassW
WaitMessage
ReleaseCapture
SetCapture
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetWindowThreadProcessId
SetCursor
GetMessageW
GetCursorPos
CharUpperW
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetRect
SetTimer
KillTimer
IsRectEmpty
GetSystemMenu
ValidateRect
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenuEx
TrackPopupMenu
GetKeyState
SetMenu
SetScrollPos
GetScrollPos
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
GetScrollInfo
SetScrollInfo
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetWindowRect
LoadMenuW
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
GetMenuState
GetMenuStringW
GetMenuItemID
GetMenuItemCount
GetSubMenu
LookupIconIdFromDirectoryEx
RegisterClipboardFormatW
RegisterWindowMessageW
GetClientRect
GetSystemMetrics
IsIconic
LoadIconW
MessageBoxW
DispatchMessageW
TranslateMessage
PeekMessageW
GetDesktopWindow
SendMessageW
EnableWindow
SetWindowLongA
GetWindowLongA
IsWindowUnicode
EnumWindows
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA
DefMDIChildProcW
RegisterClassA
DrawEdge
DrawFrameControl
DrawMenuBar
SendMessageTimeoutW
DrawIconEx
DrawStateW
SetWindowRgn
SetClassLongW
SetMenuDefaultItem
GetMenuDefaultItem
MessageBeep
DrawFocusRect
GetDoubleClickTime
GetIconInfo
CopyIcon
CreateIconIndirect
CreateIconFromResourceEx
LoadImageW

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
CreatePatternBrush
CreateCompatibleDC
GetStockObject
SelectPalette
GetObjectType
CreatePen
CreateSolidBrush
CreateRectRgnIndirect
PatBlt
GetTextExtentPoint32W
GetTextMetricsW
CreateFontIndirectW
CombineRgn
DPtoLP
StretchDIBits
CreateCompatibleBitmap
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetDeviceCaps
GetClipBox
SetTextColor
SetBkColor
GetObjectW
CreateBitmap
SaveDC
RestoreDC
SetBkMode
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
BitBlt
GetPixel
OffsetRgn
GetDIBits
CreateDIBitmap
CreatePalette
Polygon
SetBrushOrgEx
CreateDIBSection
StretchBlt
GetTextCharsetInfo
GetTextColor

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

CheckTokenMembership
FreeSid
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyW
AllocateAndInitializeSid

shell32

ShellExecuteW

comctl32

InitCommonControlsEx
ImageList_Destroy
ImageList_GetIconSize
ImageList_DrawIndirect
ImageList_GetImageInfo
ImageList_GetBkColor
FlatSB_GetScrollProp
_TrackMouseEvent

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

ole32

CoCreateInstance

oleaut32

OleLoadPicturePath
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantChangeType
VariantInit
VariantCopy

msi

ord169
ord141
ord88

imagehlp

ImageDirectoryEntryToData

winmm

waveOutGetNumDevs
PlaySoundW

Sections

.text
Size: 468KB - Virtual size: 467KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18.0MB - Virtual size: 18.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

447b6878fe42aa2c8ca0f3cc81598f87

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

a5:9f:51:84:24:a1:91:fc:34:e8:b6:37:f7:fb:20:c3Certificate

Extended Key Usages

Key Usages

f8:0d:8d:e1:d5:0f:12:ec:b8:67:3f:2e:b6:26:61:ff:b7:c8:e5:d1Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

msi

imagehlp

winmm

Sections

.text Size: 468KB - Virtual size: 467KB

.rdata Size: 134KB - Virtual size: 133KB

.data Size: 14KB - Virtual size: 31KB

.rsrc Size: 18.0MB - Virtual size: 18.0MB

.reloc Size: 54KB - Virtual size: 54KB

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

a5:9f:51:84:24:a1:91:fc:34:e8:b6:37:f7:fb:20:c3
Certificate

f8:0d:8d:e1:d5:0f:12:ec:b8:67:3f:2e:b6:26:61:ff:b7:c8:e5:d1
Signer

.text
Size: 468KB - Virtual size: 467KB

.rdata
Size: 134KB - Virtual size: 133KB

.data
Size: 14KB - Virtual size: 31KB

.rsrc
Size: 18.0MB - Virtual size: 18.0MB

.reloc
Size: 54KB - Virtual size: 54KB