44407caff12e1675d5d9178af59daac0ec5d5c7f30134004d2077b29aad6a2d2N

Sharing

Copy URL

Twitter E-mail

General

Target

44407caff12e1675d5d9178af59daac0ec5d5c7f30134004d2077b29aad6a2d2N
Size

355KB
MD5

7c4c3fcfd5de1848b871c373b8044180
SHA1

67f3f5eb1ea6d329932a2635ea9abe11039da82e
SHA256

44407caff12e1675d5d9178af59daac0ec5d5c7f30134004d2077b29aad6a2d2
SHA512

d75254048102c35247e0f791fe0b88311427a9922ae587997b07b2e5f69fb2c2ea03013e50e3d6b98b6c6475ac8d7a8f714d02431674a4bff5d536e5f1d8aaa1
SSDEEP

6144:SCDQFwuFFR4PpwY0W5VT6e5yJE0Ra2lRq2PA2BV+UdvrEFp7hK/:0NRmX55VTxyJEe/lRJJBjvrEH74

Score

1^/10

Malware Config

Signatures

Files

44407caff12e1675d5d9178af59daac0ec5d5c7f30134004d2077b29aad6a2d2N
.exe windows:5 windows x86 arch:x86

213e735115eb176ea0b7e04c816776cd

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

13/04/2019, 10:00

Subject

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:68:3a:85:1e:98:1f:37:76:dc:28:60:5d:c8:30:ef
Certificate

Issuer

CN=GlobalSign CodeSigning CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

05/02/2013, 13:53

Not After

06/02/2016, 13:53

Subject

CN=Noriyuki MIYAZAKI,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03/02/2015, 00:00

Not After

03/03/2026, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

55:f4:29:04:a4:7c:e6:61:10:4a:5e:88:1f:c7:21:47:c8:35:bb:8e
Signer

Actual PE Digest

55:f4:29:04:a4:7c:e6:61:10:4a:5e:88:1f:c7:21:47:c8:35:bb:8e

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\HotProject\DiskMark5\diskspd\diskspd_vs2015\Release\diskspd32.pdb

Imports

kernel32

DeviceIoControl
GetQueuedCompletionStatus
WriteFileEx
SetEndOfFile
WaitForSingleObject
Sleep
GetFileAttributesA
CreateFileA
GetCurrentThread
TerminateThread
WaitForSingleObjectEx
GetSystemInfo
ReadFileEx
WriteFile
SetThreadIdealProcessor
GetProcAddress
SetFilePointerEx
GetFileSize
GetComputerNameExA
CreateDirectoryA
SetFileValidData
CreateIoCompletionPort
LoadLibraryExW
GetTickCount
VirtualAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentProcess
VirtualFree
GetFileSizeEx
ReadFile
SetThreadAffinityMask
CreateEventA
CloseHandle
SetEvent
GetLastError
CreateThread
OpenEventA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
EncodePointer
RaiseException
GetModuleFileNameW
SetLastError
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetStdHandle
GetFileType
GetModuleFileNameA
GetModuleHandleExW
WriteConsoleW
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetACP
HeapFree
HeapAlloc
CompareStringW
LCMapStringW
GetStringTypeW
OutputDebugStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
CreateFileW
DecodePointer
SetConsoleCtrlHandler
LocalFree

advapi32

SystemFunction036
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

213e735115eb176ea0b7e04c816776cd

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7Certificate

Key Usages

04:00:00:00:00:01:2f:4e:e1:35:5cCertificate

Extended Key Usages

Key Usages

11:21:d6:68:3a:85:1e:98:1f:37:76:dc:28:60:5d:c8:30:efCertificate

Extended Key Usages

Key Usages

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03Certificate

Extended Key Usages

Key Usages

55:f4:29:04:a4:7c:e6:61:10:4a:5e:88:1f:c7:21:47:c8:35:bb:8eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

ole32

oleaut32

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 2KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 9KB - Virtual size: 9KB

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

04:00:00:00:00:01:2f:4e:e1:35:5c
Certificate

11:21:d6:68:3a:85:1e:98:1f:37:76:dc:28:60:5d:c8:30:ef
Certificate

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

55:f4:29:04:a4:7c:e6:61:10:4a:5e:88:1f:c7:21:47:c8:35:bb:8e
Signer

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 9KB - Virtual size: 9KB