db4b0b4f7010ed7d89d69a8bcfe7cef5700df7257d0bac733278a44294f68a84

Sharing

Copy URL

Twitter E-mail

General

Target

db4b0b4f7010ed7d89d69a8bcfe7cef5700df7257d0bac733278a44294f68a84
Size

625KB
MD5

0c2e4674fd38104a285ce546e6d2c040
SHA1

f3f30b0a05fbeec01e6189735d196f297a97a47e
SHA256

db4b0b4f7010ed7d89d69a8bcfe7cef5700df7257d0bac733278a44294f68a84
SHA512

ab8a98554cb71deed3546c3ace1185a566cb7c6c3c2011d15b5190b9b4c19da0f0b8750caaa7f975dfa2e16e4ab647eda6bf29d8d6091979d0900118ddcd905c
SSDEEP

12288:luyqZVq4RAyXQ/NhMF3jYEhwkOQ19L1xOcRN6rZjUl:oVq4RAyXQ/jMF3+ktX1VN2Zol

Score

N/A

Malware Config

Signatures

Files

db4b0b4f7010ed7d89d69a8bcfe7cef5700df7257d0bac733278a44294f68a84
.exe windows x86

79aadd609a9f9fd68b1cb0b6120411ed

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

81:b9:12:c7:b2:e2:52:f9:f5:7d:ec:fa:ae:e1:52:c5
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

05-06-2015 00:00

Not After

04-06-2016 23:59

Subject

CN=PROSTOR,O=PROSTOR,POSTALCODE=614000,STREET=ul. Ekaterininskaya 96,L=Perm,ST=Perm region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

28:a9:7d:4a:14:80:ba:8c:3e:5c:86:95:37:f7:d4:5a:83:c9:a0:c2
Signer

Actual PE Digest

28:a9:7d:4a:14:80:ba:8c:3e:5c:86:95:37:f7:d4:5a:83:c9:a0:c2

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=PROSTOR,O=PROSTOR,POSTALCODE=614000,STREET=ul. Ekaterininskaya 96,L=Perm,ST=Perm region,C=RU

04-11-2022 15:44
Valid: false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryW
RemoveDirectoryA
SetThreadPriority
GetModuleHandleA
GetFileSizeEx
CloseHandle
TerminateProcess
GetLastError
VirtualUnlock
GetFileSize
OpenEventA
OpenSemaphoreA
VirtualProtect
GetLocaleInfoA
GetStringTypeW
VirtualAlloc
GetProcAddress
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
HeapSize
QueryPerformanceCounter
GetTickCount
GetSystemInfo

user32

IsWindowVisible
DestroyWindow

gdi32

CreatePen

shell32

ord195

ole32

CoUninitialize

ws2_32

recv
WSAGetLastError

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 360KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79aadd609a9f9fd68b1cb0b6120411ed

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

01Certificate

Key Usages

81:b9:12:c7:b2:e2:52:f9:f5:7d:ec:fa:ae:e1:52:c5Certificate

Extended Key Usages

Key Usages

28:a9:7d:4a:14:80:ba:8c:3e:5c:86:95:37:f7:d4:5a:83:c9:a0:c2Signer

Signature Validations

Verification

04-11-2022 15:44 Valid: false

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

ws2_32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 204KB - Virtual size: 203KB

.data Size: 360KB - Virtual size: 361KB

.rsrc Size: 24KB - Virtual size: 21KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

01
Certificate

81:b9:12:c7:b2:e2:52:f9:f5:7d:ec:fa:ae:e1:52:c5
Certificate

28:a9:7d:4a:14:80:ba:8c:3e:5c:86:95:37:f7:d4:5a:83:c9:a0:c2
Signer

04-11-2022 15:44
Valid: false

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 204KB - Virtual size: 203KB

.data
Size: 360KB - Virtual size: 361KB

.rsrc
Size: 24KB - Virtual size: 21KB