not-a-virus:HEUR:Monitor.Win32.Ardamax.gen (Kaspersky), Gen:Variant.FAkeAlert.105 (B) (Emsisoft), Gen:Variant.FAkeAlert.105 (AdAware), SpyTool.Win32.Ardamax.FD, GenericEmailWorm.YR (Lavasoft MAS)Behaviour: Worm, EmailWorm, Monitor, SpyTool
The description has been automatically generated by Lavasoft Malware Analysis System and it may contain incomplete or inaccurate information.
Summary
MD5: 99b0e273b3fa354bc947313b886191fe
SHA1: dd6c9795a8a8f98c5d011714f5d356d10917b1a8
SHA256: 39332efd08d9fd0aa9a0aafa4ff506b51c571da800c5a009001eeacfb7a0b2ba
SSDeep: 49152:hkQCrPQJWzfkXPnCBemxuk9jVyXiQ8QKcyQmbFjEC1:h3YhMXPnCBemUk9KiQ8QKFbFoi
Size: 2257408 bytes
File type: EXE
Platform: WIN32
Entropy: Packed
PEID: UPolyXv05_v6
Company: no certificate found
Created at: 2016-01-20 15:53:30
Analyzed on: WindowsXP SP3 32-bit
Summary: Worm. A program that is primarily replicating on networks or removable drives.
Dynamic Analysis
Payload
| Behaviour | Description |
|---|---|
| EmailWorm | Worm can send e-mails. |
Process activity
The Worm creates the following process(es):
%original file name%.exe:484
The Worm injects its code into the following process(es):
AYL.exe:948
Mutexes
The following mutexes were created/opened:No objects were found.
File activity
The process %original file name%.exe:484 makes changes in the file system.
The Worm creates and/or writes to the following file(s):
%Documents and Settings%\All Users\Application Data\MGEQBV\AYL.01 (80 bytes)
%Documents and Settings%\All Users\Application Data\MGEQBV\AYL.02 (55 bytes)
%Documents and Settings%\All Users\Application Data\MGEQBV\AYL.00 (2 bytes)
%Documents and Settings%\All Users\Application Data\MGEQBV\AYL.exe (17629 bytes)
Registry activity
The process %original file name%.exe:484 makes changes in the system registry.
The Worm creates and/or sets the following values in system registry:
[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "C9 ED 6D DA BF EC 11 05 38 B1 ED 69 8A 2C 6E 70"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd73-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Cookies" = "%Documents and Settings%\%current user%\Cookies"
"Cache" = "%Documents and Settings%\%current user%\Local Settings\Temporary Internet Files"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Documents" = "%Documents and Settings%\All Users\Documents"
[HKCU\Software\Microsoft\Windows\ShellNoRoam\MUICache\%Documents and Settings%\All Users\Application Data\MGEQBV]
"AYL.exe" = "AYL"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Desktop" = "%Documents and Settings%\%current user%\Desktop"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd72-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common AppData" = "%Documents and Settings%\All Users\Application Data"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd75-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData" = "%Documents and Settings%\%current user%\Application Data"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop" = "%Documents and Settings%\All Users\Desktop"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b98117e8-75ca-11e2-81b2-000c293708fb}]
"BaseClass" = "Drive"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Personal" = "%Documents and Settings%\%current user%\My Documents"
The Worm modifies IE settings for security zones to map all urls to the Intranet Zone:
[HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap]
"IntranetName" = "1"
The Worm modifies IE settings for security zones to map all local web-nodes with no dots which do not refer to any zone to the Intranet Zone:
"UNCAsIntranet" = "1"
The Worm modifies IE settings for security zones to map all web-nodes that bypassing the proxy to the Intranet Zone:
"ProxyBypass" = "1"
The process AYL.exe:948 makes changes in the system registry.
The Worm creates and/or sets the following values in system registry:
[HKLM\SOFTWARE\Microsoft\Cryptography\RNG]
"Seed" = "7E C1 F1 BD 8A 97 CB F6 9F C7 5A ED E9 40 7B 9C"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd73-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Programs" = "%Documents and Settings%\All Users\Start Menu\Programs"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd72-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common AppData" = "%Documents and Settings%\All Users\Application Data"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c155cd75-744b-11e2-8294-806d6172696f}]
"BaseClass" = "Drive"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"AppData" = "%Documents and Settings%\%current user%\Application Data"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b98117e8-75ca-11e2-81b2-000c293708fb}]
"BaseClass" = "Drive"
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Personal" = "%Documents and Settings%\%current user%\My Documents"
To automatically run itself each time Windows is booted, the Worm adds the following link to its file to the system registry autorun key:
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AYL Start" = "%Documents and Settings%\All Users\Application Data\MGEQBV\AYL.exe"
Dropped PE files
| MD5 | File path |
|---|---|
| b1936b29dd260e0dc7d46a09df4134da | c:\Documents and Settings\All Users\Application Data\MGEQBV\AYL.01 |
| c1df4e6fe747f2bdc8561b089804efad | c:\Documents and Settings\All Users\Application Data\MGEQBV\AYL.02 |
| 6a8ce42b097c7a3fdce00acf554a1c48 | c:\Documents and Settings\All Users\Application Data\MGEQBV\AYL.exe |
HOSTS file anomalies
No changes have been detected.
Rootkit activity
No anomalies have been detected.
Propagation
Removals
Static Analysis
VersionInfo
No information is available.
No information is available.
PE Sections
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | Section MD5 |
|---|---|---|---|---|---|
| .text | 4096 | 39268 | 39424 | 4.43535 | ada584674a6da1684fc404478a05536a |
| .rdata | 45056 | 9122 | 9216 | 3.82503 | 0d1cc51ceaf6ccc5dea412289c21c72d |
| .data | 57344 | 8032 | 3584 | 1.59295 | 38497e06b844d5c76dfcf692f44509d0 |
| .rsrc | 65536 | 2198852 | 2199040 | 5.3437 | 7223801dcdf9ba284e0420a3bd196c64 |
| .reloc | 2265088 | 4722 | 5120 | 2.49783 | f690b3721218345d115d4966ca177b50 |
Dropped from:
Downloaded by:
Similar by SSDeep:
Similar by Lavasoft Polymorphic Checker:
Network Activity
URLs
IDS verdicts (Suricata alerts: Emerging Threats ET ruleset)
Traffic
Map
The Worm connects to the servers at the folowing location(s):
Strings from Dumps
AYL.exe_948:
.text
.text
`.rdata
`.rdata
@.data
@.data
.rsrc
.rsrc
SSh8BS
SSh8BS
udPhPqY
udPhPqY
SSh@ S
SSh@ S
PSSSSSSh
PSSSSSSh
PSSSSSSh!
PSSSSSSh!
vSSSh
vSSSh
FTPjK
FTPjK
FtPj;
FtPj;
C.PjRV
C.PjRV
tGHt.Ht&
tGHt.Ht&
.EKSWU
.EKSWU
FTPG
FTPG
FTPj
FTPj
FtPS
FtPS
=KNILw.tT=RCNEw
=KNILw.tT=RCNEw
_0 _8 _4;_,
_0 _8 _4;_,
SHA1 block transform for x86, CRYPTOGAMS by
SHA1 block transform for x86, CRYPTOGAMS by
SHA256 block transform for x86, CRYPTOGAMS by
SHA256 block transform for x86, CRYPTOGAMS by
DlSHA512 block transform for x86, CRYPTOGAMS by
DlSHA512 block transform for x86, CRYPTOGAMS by
Montgomery Multiplication for x86, CRYPTOGAMS by
Montgomery Multiplication for x86, CRYPTOGAMS by
6-9'6-9'
6-9'6-9'
$6.:$6.:
$6.:$6.:
*?#1*?#1
*?#1*?#1
>8$4,8$4,
>8$4,8$4,
AES for x86, CRYPTOGAMS by
AES for x86, CRYPTOGAMS by
Camellia for x86 by
Camellia for x86 by
RC4 for x86, CRYPTOGAMS by
RC4 for x86, CRYPTOGAMS by
FRegDeleteKeyExW
FRegDeleteKeyExW
gmail.com
gmail.com
MARGIN-BOTTOM: 11px; BORDER-STYLE: solid; BORDER-COLOR: #DFDFE5; BORDER-WIDTH: 2px; BACKGROUND-COLOR: #DFDFE5; }H2 { COLOR: black; BACKGROUND-COLOR: #FFFFF; FONT-SIZE: 12pt; FONT-WEIGHT: normal; MARGIN-BOTTOM: 0px; MARGIN-TOP: 10px;}
MARGIN-BOTTOM: 11px; BORDER-STYLE: solid; BORDER-COLOR: #DFDFE5; BORDER-WIDTH: 2px; BACKGROUND-COLOR: #DFDFE5; }H2 { COLOR: black; BACKGROUND-COLOR: #FFFFF; FONT-SIZE: 12pt; FONT-WEIGHT: normal; MARGIN-BOTTOM: 0px; MARGIN-TOP: 10px;}
mail@domain.com
mail@domain.com
Date: %d %s %d %d:%d:%d
Date: %d %s %d %d:%d:%d
EHLO %s
EHLO %s
,qop=%s
,qop=%s
,response=%s
,response=%s
,digest-uri="%s"
,digest-uri="%s"
,cnonce="%s"
,cnonce="%s"
,nc=%s
,nc=%s
,nonce="%s"
,nonce="%s"
,realm="%s"
,realm="%s"
charset=utf-8,username="%s"
charset=utf-8,username="%s"
smtp/
smtp/
AUTH PLAIN %s
AUTH PLAIN %s
^%s^%s
^%s^%s
AUTH LOGIN
AUTH LOGIN
LOGIN
LOGIN
--%s--
--%s--
RCPT TO:
RCPT TO:
MAIL FROM:
MAIL FROM:
Please contact the application's support team for more information.
Please contact the application's support team for more information.
- Attempt to initialize the CRT more than once.
- Attempt to initialize the CRT more than once.
- CRT not initialized
- CRT not initialized
- floating point support not loaded
- floating point support not loaded
operator
operator
GetProcessWindowStation
GetProcessWindowStation
USER32.DLL
USER32.DLL
portuguese-brazilian
portuguese-brazilian
ADVAPI32.DLL
ADVAPI32.DLL
kernel32.dll
kernel32.dll
UxTheme.dll
UxTheme.dll
OLEACC.dll
OLEACC.dll
passed a null parameter
passed a null parameter
DSO support routines
DSO support routines
x509 certificate routines
x509 certificate routines
error:lX:%s:%s:%s
error:lX:%s:%s:%s
ssl_sess_cert
ssl_sess_cert
ssl_cert
ssl_cert
evp_pkey
evp_pkey
x509_pkey
x509_pkey
%s(%d): OpenSSL internal error, assertion failed: %s
%s(%d): OpenSSL internal error, assertion failed: %s
lhash part of OpenSSL 1.0.0d 8 Feb 2011
lhash part of OpenSSL 1.0.0d 8 Feb 2011
Stack part of OpenSSL 1.0.0d 8 Feb 2011
Stack part of OpenSSL 1.0.0d 8 Feb 2011
supportedAlgorithms
supportedAlgorithms
crossCertificatePair
crossCertificatePair
certificateRevocationList
certificateRevocationList
cACertificate
cACertificate
userCertificate
userCertificate
userPassword
userPassword
supportedApplicationContext
supportedApplicationContext
Microsoft Local Key set
Microsoft Local Key set
LocalKeySet
LocalKeySet
id-Gost28147-89-None-KeyMeshing
id-Gost28147-89-None-KeyMeshing
id-Gost28147-89-CryptoPro-KeyMeshing
id-Gost28147-89-CryptoPro-KeyMeshing
password based MAC
password based MAC
id-PasswordBasedMAC
id-PasswordBasedMAC
X509v3 Certificate Issuer
X509v3 Certificate Issuer
certificateIssuer
certificateIssuer
certicom-arc
certicom-arc
Proxy Certificate Information
Proxy Certificate Information
proxyCertInfo
proxyCertInfo
Microsoft Smartcardlogin
Microsoft Smartcardlogin
msSmartcardLogin
msSmartcardLogin
joint-iso-itu-t
joint-iso-itu-t
JOINT-ISO-ITU-T
JOINT-ISO-ITU-T
set-rootKeyThumb
set-rootKeyThumb
setAttr-Cert
setAttr-Cert
setCext-cCertRequired
setCext-cCertRequired
setCext-certType
setCext-certType
setct-CertResTBE
setct-CertResTBE
setct-CertReqTBEX
setct-CertReqTBEX
setct-CertReqTBE
setct-CertReqTBE
setct-AcqCardCodeMsgTBE
setct-AcqCardCodeMsgTBE
setct-CertInqReqTBS
setct-CertInqReqTBS
setct-CertResData
setct-CertResData
setct-CertReqTBS
setct-CertReqTBS
setct-CertReqData
setct-CertReqData
setct-PCertResTBS
setct-PCertResTBS
setct-PCertReqData
setct-PCertReqData
setct-AcqCardCodeMsg
setct-AcqCardCodeMsg
certificate extensions
certificate extensions
set-certExt
set-certExt
set-msgExt
set-msgExt
id-ecPublicKey
id-ecPublicKey
id-cmc-confirmCertAcceptance
id-cmc-confirmCertAcceptance
id-cmc-getCert
id-cmc-getCert
id-regInfo-certReq
id-regInfo-certReq
id-regCtrl-protocolEncrKey
id-regCtrl-protocolEncrKey
id-regCtrl-oldCertID
id-regCtrl-oldCertID
id-it-revPassphrase
id-it-revPassphrase
id-it-keyPairParamRep
id-it-keyPairParamRep
id-it-keyPairParamReq
id-it-keyPairParamReq
id-it-unsupportedOIDs
id-it-unsupportedOIDs
id-it-caKeyUpdateInfo
id-it-caKeyUpdateInfo
id-it-encKeyPairTypes
id-it-encKeyPairTypes
id-it-signKeyPairTypes
id-it-signKeyPairTypes
id-it-caProtEncCert
id-it-caProtEncCert
id-mod-attribute-cert
id-mod-attribute-cert
id-mod-qualified-cert-93
id-mod-qualified-cert-93
id-mod-qualified-cert-88
id-mod-qualified-cert-88
id-smime-aa-ets-certCRLTimestamp
id-smime-aa-ets-certCRLTimestamp
id-smime-aa-ets-certValues
id-smime-aa-ets-certValues
id-smime-aa-ets-CertificateRefs
id-smime-aa-ets-CertificateRefs
id-smime-aa-ets-otherSigCert
id-smime-aa-ets-otherSigCert
id-smime-aa-smimeEncryptCerts
id-smime-aa-smimeEncryptCerts
id-smime-aa-signingCertificate
id-smime-aa-signingCertificate
id-smime-aa-encrypKeyPref
id-smime-aa-encrypKeyPref
id-smime-aa-msgSigDigest
id-smime-aa-msgSigDigest
id-smime-ct-publishCert
id-smime-ct-publishCert
id-smime-mod-msg-v3
id-smime-mod-msg-v3
sdsiCertificate
sdsiCertificate
x509Certificate
x509Certificate
localKeyID
localKeyID
certBag
certBag
pkcs8ShroudedKeyBag
pkcs8ShroudedKeyBag
keyBag
keyBag
pbeWithSHA1And2-KeyTripleDES-CBC
pbeWithSHA1And2-KeyTripleDES-CBC
pbeWithSHA1And3-KeyTripleDES-CBC
pbeWithSHA1And3-KeyTripleDES-CBC
TLS Web Client Authentication
TLS Web Client Authentication
TLS Web Server Authentication
TLS Web Server Authentication
X509v3 Extended Key Usage
X509v3 Extended Key Usage
extendedKeyUsage
extendedKeyUsage
X509v3 Authority Key Identifier
X509v3 Authority Key Identifier
authorityKeyIdentifier
authorityKeyIdentifier
X509v3 Certificate Policies
X509v3 Certificate Policies
certificatePolicies
certificatePolicies
X509v3 Private Key Usage Period
X509v3 Private Key Usage Period
privateKeyUsagePeriod
privateKeyUsagePeriod
X509v3 Key Usage
X509v3 Key Usage
keyUsage
keyUsage
X509v3 Subject Key Identifier
X509v3 Subject Key Identifier
subjectKeyIdentifier
subjectKeyIdentifier
Netscape Certificate Sequence
Netscape Certificate Sequence
nsCertSequence
nsCertSequence
Netscape CA Policy Url
Netscape CA Policy Url
nsCaPolicyUrl
nsCaPolicyUrl
Netscape Renewal Url
Netscape Renewal Url
nsRenewalUrl
nsRenewalUrl
Netscape CA Revocation Url
Netscape CA Revocation Url
nsCaRevocationUrl
nsCaRevocationUrl
Netscape Revocation Url
Netscape Revocation Url
nsRevocationUrl
nsRevocationUrl
Netscape Base Url
Netscape Base Url
nsBaseUrl
nsBaseUrl
Netscape Cert Type
Netscape Cert Type
nsCertType
nsCertType
Netscape Certificate Extension
Netscape Certificate Extension
nsCertExt
nsCertExt
extendedCertificateAttributes
extendedCertificateAttributes
challengePassword
challengePassword
dhKeyAgreement
dhKeyAgreement
Big Number part of OpenSSL 1.0.0d 8 Feb 2011
Big Number part of OpenSSL 1.0.0d 8 Feb 2011
ASN.1 part of OpenSSL 1.0.0d 8 Feb 2011
ASN.1 part of OpenSSL 1.0.0d 8 Feb 2011
keylen
keylen
EVP_CIPHER_key_length(cipher)
EVP_CIPHER_key_length(cipher)
len>=0 && lenkey)
len>=0 && lenkey)
j key)
j key)
keylength
keylength
keyfunc
keyfunc
EVP part of OpenSSL 1.0.0d 8 Feb 2011
EVP part of OpenSSL 1.0.0d 8 Feb 2011
.\crypto\pkcs12\p12_key.c
.\crypto\pkcs12\p12_key.c
SHA1 part of OpenSSL 1.0.0d 8 Feb 2011
SHA1 part of OpenSSL 1.0.0d 8 Feb 2011
SHA-256 part of OpenSSL 1.0.0d 8 Feb 2011
SHA-256 part of OpenSSL 1.0.0d 8 Feb 2011
SHA-512 part of OpenSSL 1.0.0d 8 Feb 2011
SHA-512 part of OpenSSL 1.0.0d 8 Feb 2011
RSA part of OpenSSL 1.0.0d 8 Feb 2011
RSA part of OpenSSL 1.0.0d 8 Feb 2011
RAND part of OpenSSL 1.0.0d 8 Feb 2011
RAND part of OpenSSL 1.0.0d 8 Feb 2011
You need to read the OpenSSL FAQ, hXXp://VVV.openssl.org/support/faq.html
You need to read the OpenSSL FAQ, hXXp://VVV.openssl.org/support/faq.html
value.bag
value.bag
value.safes
value.safes
value.shkeybag
value.shkeybag
value.keybag
value.keybag
value.sdsicert
value.sdsicert
value.x509cert
value.x509cert
value.other
value.other
cert_info
cert_info
hexkey
hexkey
rsa_keygen_pubexp
rsa_keygen_pubexp
rsa_keygen_bits
rsa_keygen_bits
NETAPI32.DLL
NETAPI32.DLL
KERNEL32.DLL
KERNEL32.DLL
value.single
value.single
value.set
value.set
PKCS8_PRIV_KEY_INFO
PKCS8_PRIV_KEY_INFO
pkey
pkey
pkeyalg
pkeyalg
enc_key
enc_key
key_enc_algor
key_enc_algor
cert
cert
d.encrypted
d.encrypted
d.digest
d.digest
d.signed_and_enveloped
d.signed_and_enveloped
d.enveloped
d.enveloped
d.sign
d.sign
d.data
d.data
d.other
d.other
X509_PUBKEY
X509_PUBKEY
public_key
public_key
.\crypto\asn1\x_pubkey.c
.\crypto\asn1\x_pubkey.c
%d.%d.%d.%d/%d.%d.%d.%d
%d.%d.%d.%d/%d.%d.%d.%d
%*s%s:
%*s%s:
d.registeredID
d.registeredID
d.iPAddress
d.iPAddress
d.uniformResourceIdentifier
d.uniformResourceIdentifier
d.ediPartyName
d.ediPartyName
d.directoryName
d.directoryName
d.dNSName
d.dNSName
d.rfc822Name
d.rfc822Name
d.otherName
d.otherName
name.relativename
name.relativename
name.fullname
name.fullname
certificateHold
certificateHold
Certificate Hold
Certificate Hold
cessationOfOperation
cessationOfOperation
Cessation Of Operation
Cessation Of Operation
keyCompromise
keyCompromise
Key Compromise
Key Compromise
%*sOnly Attribute Certificates
%*sOnly Attribute Certificates
%*sOnly CA Certificates
%*sOnly CA Certificates
%*sOnly User Certificates
%*sOnly User Certificates
AUTHORITY_KEYID
AUTHORITY_KEYID
keyid
keyid
X509_CERT_PAIR
X509_CERT_PAIR
X509_CERT_AUX
X509_CERT_AUX
%d.%d.%d.%d
%d.%d.%d.%d
EC part of OpenSSL 1.0.0d 8 Feb 2011
EC part of OpenSSL 1.0.0d 8 Feb 2011
ECDSA part of OpenSSL 1.0.0d 8 Feb 2011
ECDSA part of OpenSSL 1.0.0d 8 Feb 2011
.\crypto\ec\ec_key.c
.\crypto\ec\ec_key.c
DSA part of OpenSSL 1.0.0d 8 Feb 2011
DSA part of OpenSSL 1.0.0d 8 Feb 2011
Diffie-Hellman part of OpenSSL 1.0.0d 8 Feb 2011
Diffie-Hellman part of OpenSSL 1.0.0d 8 Feb 2011
.\crypto\dh\dh_key.c
.\crypto\dh\dh_key.c
\X
\X
IP Address:%d.%d.%d.%d
IP Address:%d.%d.%d.%d
URI:%s
URI:%s
DNS:%s
DNS:%s
email:%s
email:%s
EdiPartyName:
EdiPartyName:
X400Name:
X400Name:
othername:
othername:
d.usernotice
d.usernotice
d.cpsuri
d.cpsuri
CERTIFICATEPOLICIES
CERTIFICATEPOLICIES
%*sExplicit Text: %s
%*sExplicit Text: %s
%*sNumber%s:
%*sNumber%s:
%*sOrganization: %s
%*sOrganization: %s
%*sCPS: %s
%*sCPS: %s
ddddddZ
ddddddZ
ddddddZ
ddddddZ
pubkey
pubkey
priv_key
priv_key
pub_key
pub_key
EC_PRIVATEKEY
EC_PRIVATEKEY
publicKey
publicKey
privateKey
privateKey
value.implicitlyCA
value.implicitlyCA
value.parameters
value.parameters
value.named_curve
value.named_curve
p.char_two
p.char_two
p.prime
p.prime
p.ppBasis
p.ppBasis
p.tpBasis
p.tpBasis
p.onBasis
p.onBasis
p.other
p.other
.\crypto\evp\evp_pkey.c
.\crypto\evp\evp_pkey.c
ECDH part of OpenSSL 1.0.0d 8 Feb 2011
ECDH part of OpenSSL 1.0.0d 8 Feb 2011
%'%1$=%C%K%O%s%
%'%1$=%C%K%O%s%
.%.-.3.7.9.?.W.[.o.y.
.%.-.3.7.9.?.W.[.o.y.
C%C'C3C7C9COCWCiC
C%C'C3C7C9COCWCiC
%s: (%d bit)
%s: (%d bit)
Public-Key
Public-Key
Private-Key
Private-Key
recommended-private-length: %d bits
recommended-private-length: %d bits
public-key:
public-key:
private-key:
private-key:
PKCS#3 DH Public-Key
PKCS#3 DH Public-Key
PKCS#3 DH Private-Key
PKCS#3 DH Private-Key
Public-Key: (%d bit)
Public-Key: (%d bit)
Private-Key: (%d bit)
Private-Key: (%d bit)
X.509 part of OpenSSL 1.0.0d 8 Feb 2011
X.509 part of OpenSSL 1.0.0d 8 Feb 2011
OPENSSL_ALLOW_PROXY_CERTS
OPENSSL_ALLOW_PROXY_CERTS
x%s
x%s
%s - d:d:d%.*s %d%s
%s - d:d:d%.*s %d%s
'() ,-./:=?
'() ,-./:=?
CONF part of OpenSSL 1.0.0d 8 Feb 2011
CONF part of OpenSSL 1.0.0d 8 Feb 2011
%*sPolicy Text: %s
%*sPolicy Text: %s
%*scrlUrl:
%*scrlUrl:
EXTENDED_KEY_USAGE
EXTENDED_KEY_USAGE
%*sZone: %s, User:
%*sZone: %s, User:
.\crypto\x509v3\v3_akey.c
.\crypto\x509v3\v3_akey.c
PKEY_USAGE_PERIOD
PKEY_USAGE_PERIOD
keyCertSign
keyCertSign
Certificate Sign
Certificate Sign
keyAgreement
keyAgreement
Key Agreement
Key Agreement
keyEncipherment
keyEncipherment
Key Encipherment
Key Encipherment
.\crypto\x509v3\v3_skey.c
.\crypto\x509v3\v3_skey.c
MD5 part of OpenSSL 1.0.0d 8 Feb 2011
MD5 part of OpenSSL 1.0.0d 8 Feb 2011
PROXY_CERT_INFO_EXTENSION
PROXY_CERT_INFO_EXTENSION
D:/Projects/openssl-10.0d/ssl/certs
D:/Projects/openssl-10.0d/ssl/certs
D:/Projects/openssl-10.0d/ssl/cert.pem
D:/Projects/openssl-10.0d/ssl/cert.pem
SSL_CERT_DIR
SSL_CERT_DIR
SSL_CERT_FILE
SSL_CERT_FILE
Basis Type: %s
Basis Type: %s
Field Type: %s
Field Type: %s
ASN1 OID: %s
ASN1 OID: %s
%s %s%lu (%s0x%lx)
%s %s%lu (%s0x%lx)
%lu:%s:%s:%d:%s
%lu:%s:%s:%d:%s
CONF_def part of OpenSSL 1.0.0d 8 Feb 2011
CONF_def part of OpenSSL 1.0.0d 8 Feb 2011
[[%s]]
[[%s]]
[%s] %s=%s
[%s] %s=%s
crlUrl
crlUrl
certStatus
certStatus
certId
certId
OCSP_CERTSTATUS
OCSP_CERTSTATUS
value.unknown
value.unknown
value.revoked
value.revoked
value.good
value.good
value.byKey
value.byKey
value.byName
value.byName
reqCert
reqCert
OCSP_CERTID
OCSP_CERTID
issuerKeyHash
issuerKeyHash
certs
certs
d.receiptList
d.receiptList
d.allOrFirstTier
d.allOrFirstTier
d.compressedData
d.compressedData
d.authenticatedData
d.authenticatedData
d.encryptedData
d.encryptedData
d.digestedData
d.digestedData
d.envelopedData
d.envelopedData
d.signedData
d.signedData
d.ori
d.ori
d.pwri
d.pwri
d.kekri
d.kekri
d.kari
d.kari
d.ktri
d.ktri
CMS_PasswordRecipientInfo
CMS_PasswordRecipientInfo
keyDerivationAlgorithm
keyDerivationAlgorithm
keyIdentifier
keyIdentifier
CMS_KeyAgreeRecipientInfo
CMS_KeyAgreeRecipientInfo
recipientEncryptedKeys
recipientEncryptedKeys
CMS_OriginatorIdentifierOrKey
CMS_OriginatorIdentifierOrKey
d.originatorKey
d.originatorKey
CMS_OriginatorPublicKey
CMS_OriginatorPublicKey
CMS_RecipientEncryptedKey
CMS_RecipientEncryptedKey
CMS_KeyAgreeRecipientIdentifier
CMS_KeyAgreeRecipientIdentifier
d.rKeyId
d.rKeyId
CMS_RecipientKeyIdentifier
CMS_RecipientKeyIdentifier
CMS_OtherKeyAttribute
CMS_OtherKeyAttribute
keyAttr
keyAttr
keyAttrId
keyAttrId
CMS_KeyTransRecipientInfo
CMS_KeyTransRecipientInfo
encryptedKey
encryptedKey
keyEncryptionAlgorithm
keyEncryptionAlgorithm
certificates
certificates
d.crl
d.crl
d.subjectKeyIdentifier
d.subjectKeyIdentifier
d.issuerAndSerialNumber
d.issuerAndSerialNumber
CMS_CertificateChoices
CMS_CertificateChoices
d.v2AttrCert
d.v2AttrCert
d.v1AttrCert
d.v1AttrCert
d.extendedCertificate
d.extendedCertificate
d.certificate
d.certificate
CMS_OtherCertificateFormat
CMS_OtherCertificateFormat
otherCert
otherCert
otherCertFormat
otherCertFormat
%s.dll
%s.dll
PEM part of OpenSSL 1.0.0d 8 Feb 2011
PEM part of OpenSSL 1.0.0d 8 Feb 2011
phrase is too short, needs to be at least %d chars
phrase is too short, needs to be at least %d chars
Enter PEM pass phrase:
Enter PEM pass phrase:
TRUSTED CERTIFICATE
TRUSTED CERTIFICATE
CERTIFICATE REQUEST
CERTIFICATE REQUEST
NEW CERTIFICATE REQUEST
NEW CERTIFICATE REQUEST
CERTIFICATE
CERTIFICATE
X509 CERTIFICATE
X509 CERTIFICATE
PRIVATE KEY
PRIVATE KEY
ENCRYPTED PRIVATE KEY
ENCRYPTED PRIVATE KEY
ANY PRIVATE KEY
ANY PRIVATE KEY
.\crypto\evp\evp_key.c
.\crypto\evp\evp_key.c
nkey
nkey
?456789:;
?456789:;
!"#$%&'()* ,-./0123
!"#$%&'()* ,-./0123
Verifying - %s
Verifying - %s
OpenSSL 1.0.0d 8 Feb 2011
OpenSSL 1.0.0d 8 Feb 2011
%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s
%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s
EXPORT56
EXPORT56
EXPORT40
EXPORT40
EXPORT
EXPORT
.\ssl\ssl_cert.c
.\ssl\ssl_cert.c
SSLv3 part of OpenSSL 1.0.0d 8 Feb 2011
SSLv3 part of OpenSSL 1.0.0d 8 Feb 2011
TLSv1 part of OpenSSL 1.0.0d 8 Feb 2011
TLSv1 part of OpenSSL 1.0.0d 8 Feb 2011
SSLv2 part of OpenSSL 1.0.0d 8 Feb 2011
SSLv2 part of OpenSSL 1.0.0d 8 Feb 2011
s->session->master_key_length >= 0 && s->session->master_key_length session->master_key)
s->session->master_key_length >= 0 && s->session->master_key_length session->master_key)
wrong number of key bits
wrong number of key bits
unsupported status type
unsupported status type
unsupported ssl version
unsupported ssl version
unsupported protocol
unsupported protocol
unsupported elliptic curve
unsupported elliptic curve
unsupported digest type
unsupported digest type
unsupported compression algorithm
unsupported compression algorithm
unsupported cipher
unsupported cipher
unknown pkey type
unknown pkey type
unknown key exchange type
unknown key exchange type
unknown certificate type
unknown certificate type
unable to find public key parameters
unable to find public key parameters
unable to extract public key
unable to extract public key
unable to decode ecdh certs
unable to decode ecdh certs
unable to decode dh certs
unable to decode dh certs
tried to use unsupported cipher
tried to use unsupported cipher
tls peer did not respond with certificate list
tls peer did not respond with certificate list
tls client cert req with anon cipher
tls client cert req with anon cipher
tlsv1 unsupported extension
tlsv1 unsupported extension
tlsv1 certificate unobtainable
tlsv1 certificate unobtainable
tlsv1 bad certificate status response
tlsv1 bad certificate status response
tlsv1 bad certificate hash value
tlsv1 bad certificate hash value
tlsv1 alert export restriction
tlsv1 alert export restriction
sslv3 alert unsupported certificate
sslv3 alert unsupported certificate
sslv3 alert no certificate
sslv3 alert no certificate
sslv3 alert certificate unknown
sslv3 alert certificate unknown
sslv3 alert certificate revoked
sslv3 alert certificate revoked
sslv3 alert certificate expired
sslv3 alert certificate expired
sslv3 alert bad certificate
sslv3 alert bad certificate
signature for non signing certificate
signature for non signing certificate
reuse cert type not zero
reuse cert type not zero
reuse cert length not zero
reuse cert length not zero
public key not rsa
public key not rsa
public key is not rsa
public key is not rsa
public key encrypt error
public key encrypt error
peer error unsupported certificate type
peer error unsupported certificate type
peer error no certificate
peer error no certificate
peer error certificate
peer error certificate
peer did not return a certificate
peer did not return a certificate
null ssl method passed
null ssl method passed
no publickey
no publickey
no private key assigned
no private key assigned
no privatekey
no privatekey
Peer haven't sent GOST certificate, required for selected ciphersuite
Peer haven't sent GOST certificate, required for selected ciphersuite
no client cert received
no client cert received
no client cert method
no client cert method
no ciphers passed
no ciphers passed
no certificate specified
no certificate specified
no certificate set
no certificate set
no certificate returned
no certificate returned
no certificate assigned
no certificate assigned
no certificates returned
no certificates returned
missing tmp rsa pkey
missing tmp rsa pkey
missing tmp rsa key
missing tmp rsa key
missing tmp ecdh key
missing tmp ecdh key
missing tmp dh key
missing tmp dh key
missing rsa signing cert
missing rsa signing cert
missing rsa encrypting cert
missing rsa encrypting cert
missing rsa certificate
missing rsa certificate
missing export tmp rsa key
missing export tmp rsa key
missing export tmp dh key
missing export tmp dh key
missing dsa signing cert
missing dsa signing cert
missing dh rsa cert
missing dh rsa cert
missing dh key
missing dh key
missing dh dsa cert
missing dh dsa cert
krb5 server rd_req (keytab perms?)
krb5 server rd_req (keytab perms?)
key arg too long
key arg too long
invalid ticket keys length
invalid ticket keys length
http request
http request
https proxy request
https proxy request
error generating tmp rsa key
error generating tmp rsa key
ecc cert should have sha1 signature
ecc cert should have sha1 signature
ecc cert should have rsa signature
ecc cert should have rsa signature
ecc cert not for signing
ecc cert not for signing
ecc cert not for key agreement
ecc cert not for key agreement
cert length mismatch
cert length mismatch
certificate verify failed
certificate verify failed
bad ecc cert
bad ecc cert
bad dh pub key length
bad dh pub key length
TLS1_SETUP_KEY_BLOCK
TLS1_SETUP_KEY_BLOCK
tls1_cert_verify_mac
tls1_cert_verify_mac
SSL_VERIFY_CERT_CHAIN
SSL_VERIFY_CERT_CHAIN
SSL_use_RSAPrivateKey_file
SSL_use_RSAPrivateKey_file
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey
SSL_use_PrivateKey_file
SSL_use_PrivateKey_file
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey
SSL_use_PrivateKey
SSL_use_certificate_file
SSL_use_certificate_file
SSL_use_certificate_ASN1
SSL_use_certificate_ASN1
SSL_use_certificate
SSL_use_certificate
SSL_SET_PKEY
SSL_SET_PKEY
SSL_SET_CERT
SSL_SET_CERT
SSL_SESS_CERT_NEW
SSL_SESS_CERT_NEW
SSL_GET_SIGN_PKEY
SSL_GET_SIGN_PKEY
SSL_GET_SERVER_SEND_CERT
SSL_GET_SERVER_SEND_CERT
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey
SSL_CTX_use_certificate_file
SSL_CTX_use_certificate_file
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate
SSL_CTX_use_certificate
SSL_CTX_set_client_cert_engine
SSL_CTX_set_client_cert_engine
SSL_CTX_check_private_key
SSL_CTX_check_private_key
SSL_CHECK_SRVR_ECC_CERT_AND_ALG
SSL_CHECK_SRVR_ECC_CERT_AND_ALG
SSL_check_private_key
SSL_check_private_key
SSL_CERT_NEW
SSL_CERT_NEW
SSL_CERT_INSTANTIATE
SSL_CERT_INSTANTIATE
SSL_CERT_INST
SSL_CERT_INST
SSL_CERT_DUP
SSL_CERT_DUP
SSL_add_file_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_add_dir_cert_subjects_to_stack
SSL_add_dir_cert_subjects_to_stack
SSL3_SETUP_KEY_BLOCK
SSL3_SETUP_KEY_BLOCK
SSL3_SEND_SERVER_KEY_EXCHANGE
SSL3_SEND_SERVER_KEY_EXCHANGE
SSL3_SEND_SERVER_CERTIFICATE
SSL3_SEND_SERVER_CERTIFICATE
SSL3_SEND_CLIENT_KEY_EXCHANGE
SSL3_SEND_CLIENT_KEY_EXCHANGE
SSL3_SEND_CLIENT_CERTIFICATE
SSL3_SEND_CLIENT_CERTIFICATE
SSL3_SEND_CERTIFICATE_REQUEST
SSL3_SEND_CERTIFICATE_REQUEST
SSL3_OUTPUT_CERT_CHAIN
SSL3_OUTPUT_CERT_CHAIN
SSL3_GET_SERVER_CERTIFICATE
SSL3_GET_SERVER_CERTIFICATE
SSL3_GET_KEY_EXCHANGE
SSL3_GET_KEY_EXCHANGE
SSL3_GET_CLIENT_KEY_EXCHANGE
SSL3_GET_CLIENT_KEY_EXCHANGE
SSL3_GET_CLIENT_CERTIFICATE
SSL3_GET_CLIENT_CERTIFICATE
SSL3_GET_CERT_VERIFY
SSL3_GET_CERT_VERIFY
SSL3_GET_CERT_STATUS
SSL3_GET_CERT_STATUS
SSL3_GET_CERTIFICATE_REQUEST
SSL3_GET_CERTIFICATE_REQUEST
SSL3_GENERATE_KEY_BLOCK
SSL3_GENERATE_KEY_BLOCK
SSL3_CHECK_CERT_AND_ALGORITHM
SSL3_CHECK_CERT_AND_ALGORITHM
SSL3_ADD_CERT_TO_BUF
SSL3_ADD_CERT_TO_BUF
SSL2_SET_CERTIFICATE
SSL2_SET_CERTIFICATE
SSL2_GENERATE_KEY_MATERIAL
SSL2_GENERATE_KEY_MATERIAL
REQUEST_CERTIFICATE
REQUEST_CERTIFICATE
GET_CLIENT_MASTER_KEY
GET_CLIENT_MASTER_KEY
DTLS1_SEND_SERVER_KEY_EXCHANGE
DTLS1_SEND_SERVER_KEY_EXCHANGE
DTLS1_SEND_SERVER_CERTIFICATE
DTLS1_SEND_SERVER_CERTIFICATE
DTLS1_SEND_CLIENT_KEY_EXCHANGE
DTLS1_SEND_CLIENT_KEY_EXCHANGE
DTLS1_SEND_CLIENT_CERTIFICATE
DTLS1_SEND_CLIENT_CERTIFICATE
D