6d896917cbc1658122dad7909860932717ff872c4caeeabb6e58d5ba9a09f67d

Sharing

Copy URL Twitter E-mail

General

Target

6d896917cbc1658122dad7909860932717ff872c4caeeabb6e58d5ba9a09f67d
Size

113KB
MD5

0a786580ccf19de130d8e7e74d6c50a0
SHA1

f138d940bde702ed6f9dff309ff4446e79db0bc4
SHA256

6d896917cbc1658122dad7909860932717ff872c4caeeabb6e58d5ba9a09f67d
SHA512

63c1ead363724be527b7d78812de0ecbdec2fafc5dc04c94072828398e6a53b0718ac2dd034137c6a7f9134583a395a09be3a6a1fc2ea18184bfee299c3e4a1f
SSDEEP

1536:pxPOtFUNlWbZXmfxWbvyU1cs7n0IHz0zhNxOUPQ05IysT2E4uEU7X:POvEwbEpgL1lD0Hh7OWeJTEg

Score

N/A

Malware Config

Signatures

Files

6d896917cbc1658122dad7909860932717ff872c4caeeabb6e58d5ba9a09f67d
.exe windows x86

f3af617e1900567001710ad340b9a357

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4d:9d:81:fb:12:47:14:2a:e8:1f:f7:3d:60:f9:7f:d3
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

24/01/2014, 00:00

Not After

24/01/2015, 23:59

Subject

CN=INFORMATSIONNYE TEKHNOLOGII\, OOO,O=INFORMATSIONNYE TEKHNOLOGII\, OOO,POSTALCODE=109004,STREET=4-6 str. 3\, per. Nikoloyamski,L=Moscow,ST=Moscow region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
GetEnvironmentStrings
TlsSetValue
HeapFree
GetVersionExW
LocalFree
LCMapStringW
GetTickCount
lstrlenW
GetModuleHandleA
SetUnhandledExceptionFilter
UnmapViewOfFile
LoadLibraryExW
WaitForSingleObject
SetHandleCount
LoadLibraryW
FreeLibrary
GetLocaleInfoA
GetStartupInfoA
CancelIo
ExitProcess
InterlockedDecrement
lstrcmpiW
GetLastError
HeapSize
TlsGetValue
FindClose
TlsFree
FreeEnvironmentStringsW
GetModuleHandleW
GlobalFree
GetProcessHeap
Sleep
GetCPInfo
GetCommandLineA

user32

CreateWindowExA
CopyRect
PostMessageA
SetDlgItemTextW
RegisterWindowMessageW
BeginPaint
SendDlgItemMessageW
SetWindowLongW
OffsetRect
CharNextA
CallWindowProcW
PtInRect
MessageBoxA
MoveWindow
SetForegroundWindow
LoadImageW
EnableWindow

gdi32

UnrealizeObject
SelectPalette
StretchBlt
ExtSelectClipRgn
SetWindowExtEx
DeleteDC
CreateDIBSection
SelectObject
SetViewportExtEx
SaveDC
OffsetRgn
GetTextMetricsW

advapi32

FreeSid
ChangeServiceConfigW
UpdateTraceW
CryptAcquireContextA
CryptAcquireContextW
ProcessTrace
RegDeleteValueW
RegEnumValueW
CryptReleaseContext
RegOpenKeyExA
OpenServiceW
CheckTokenMembership
GetSidIdentifierAuthority
CryptImportKey
GetSidSubAuthorityCount
RegQueryInfoKeyW
OpenSCManagerW
OpenTraceW

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__commode

Sections

.text
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bss
Size: 7KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3af617e1900567001710ad340b9a357

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

4d:9d:81:fb:12:47:14:2a:e8:1f:f7:3d:60:f9:7f:d3Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 71KB - Virtual size: 71KB

.data Size: 11KB - Virtual size: 10KB

bss Size: 7KB - Virtual size: 4KB

.rsrc Size: 18KB - Virtual size: 18KB

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

4d:9d:81:fb:12:47:14:2a:e8:1f:f7:3d:60:f9:7f:d3
Certificate

.text
Size: 71KB - Virtual size: 71KB

.data
Size: 11KB - Virtual size: 10KB

bss
Size: 7KB - Virtual size: 4KB

.rsrc
Size: 18KB - Virtual size: 18KB