4dc74bdfa3ba0fd37117e6318a48ff4b09c3534668e09de85943cd7e14b44329

Sharing

Copy URL Twitter E-mail

General

Target

4dc74bdfa3ba0fd37117e6318a48ff4b09c3534668e09de85943cd7e14b44329
Size

105KB
MD5

537f2fd76d9715811b64280270cff4c0
SHA1

1f6e72ba09fc837926562b431b2091322d2bff82
SHA256

4dc74bdfa3ba0fd37117e6318a48ff4b09c3534668e09de85943cd7e14b44329
SHA512

af032516f034163df40e70a53b3a1cda2efd9b4c88d5965af3bc11cdb3e43560a4c863911af62667efabd6673441d51abb2a72cf3deff511c8e089c37f8a074f
SSDEEP

1536:J/POtFUNlWbZXmfxWbPBUygc/epcE+BX9Usf4yx/tRhd1kBdNTzAq:hOvEwbEp0BpL/eCPBXCsFtbd1ODgq

Score

N/A

Malware Config

Signatures

Files

4dc74bdfa3ba0fd37117e6318a48ff4b09c3534668e09de85943cd7e14b44329
.exe windows x86

f3af617e1900567001710ad340b9a357

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4d:9d:81:fb:12:47:14:2a:e8:1f:f7:3d:60:f9:7f:d3
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/01/2014, 00:00

Not After

24/01/2015, 23:59

Subject

CN=INFORMATSIONNYE TEKHNOLOGII\, OOO,O=INFORMATSIONNYE TEKHNOLOGII\, OOO,POSTALCODE=109004,STREET=4-6 str. 3\, per. Nikoloyamski,L=Moscow,ST=Moscow region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
GetEnvironmentStrings
TlsSetValue
HeapFree
GetVersionExW
LocalFree
LCMapStringW
GetTickCount
lstrlenW
GetModuleHandleA
SetUnhandledExceptionFilter
UnmapViewOfFile
LoadLibraryExW
WaitForSingleObject
SetHandleCount
LoadLibraryW
FreeLibrary
GetLocaleInfoA
GetStartupInfoA
CancelIo
ExitProcess
InterlockedDecrement
lstrcmpiW
GetLastError
HeapSize
TlsGetValue
FindClose
TlsFree
FreeEnvironmentStringsW
GetModuleHandleW
GlobalFree
GetProcessHeap
Sleep
GetCPInfo
GetCommandLineA

user32

CreateWindowExA
CopyRect
PostMessageA
SetDlgItemTextW
RegisterWindowMessageW
BeginPaint
SendDlgItemMessageW
SetWindowLongW
OffsetRect
CharNextA
CallWindowProcW
PtInRect
MessageBoxA
MoveWindow
SetForegroundWindow
LoadImageW
EnableWindow

gdi32

UnrealizeObject
SelectPalette
StretchBlt
ExtSelectClipRgn
SetWindowExtEx
DeleteDC
CreateDIBSection
SelectObject
SetViewportExtEx
SaveDC
OffsetRgn
GetTextMetricsW

advapi32

FreeSid
ChangeServiceConfigW
UpdateTraceW
CryptAcquireContextA
CryptAcquireContextW
ProcessTrace
RegDeleteValueW
RegEnumValueW
CryptReleaseContext
RegOpenKeyExA
OpenServiceW
CheckTokenMembership
GetSidIdentifierAuthority
CryptImportKey
GetSidSubAuthorityCount
RegQueryInfoKeyW
OpenSCManagerW
OpenTraceW

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__commode

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bss
Size: 7KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f3af617e1900567001710ad340b9a357

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

4d:9d:81:fb:12:47:14:2a:e8:1f:f7:3d:60:f9:7f:d3Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 71KB - Virtual size: 71KB

.data Size: 11KB - Virtual size: 10KB

bss Size: 7KB - Virtual size: 4KB

.rsrc Size: 10KB - Virtual size: 10KB

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

4d:9d:81:fb:12:47:14:2a:e8:1f:f7:3d:60:f9:7f:d3
Certificate

.text
Size: 71KB - Virtual size: 71KB

.data
Size: 11KB - Virtual size: 10KB

bss
Size: 7KB - Virtual size: 4KB

.rsrc
Size: 10KB - Virtual size: 10KB