General

Malware Config

Signatures

Files

• 96c2a28ff80cbd8d0d02cb497273026003ba9b9275619996479c439e6ee9da61

  .exe windows x86

  1d68e6798428bbebb941d7ad346a2f04

  
  

  Code Sign

  44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  09-07-1999 18:31

  Not After

  09-07-2019 18:40

  Subject

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  KeyUsageCertSign

  KeyUsageCRLSign

  10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb

  Certificate

  Issuer

  CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

  Not Before

  24-08-2011 00:00

  Not After

  30-05-2020 10:48

  Subject

  CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageCertSign

  KeyUsageCRLSign

  7a:4e:8d:b3:e9:af:3e:c2:ff:7e:d3:a1:9d:f0:da:e5

  Certificate

  Issuer

  CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

  Not Before

  29-08-2014 00:00

  Not After

  29-08-2015 23:59

  Subject

  CN=Investmarket,O=Investmarket,POSTALCODE=123022,STREET=Zvenigorodskoye shosse\, 1\, 1,L=Moscow,ST=Moscow,C=RU

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  4e:16:fd:a5:58:c5:17:1d:9b:d0:60:34:7d:29:87:b2:24:be:6d:93

  Signer

  Actual PE Digest

  4e:16:fd:a5:58:c5:17:1d:9b:d0:60:34:7d:29:87:b2:24:be:6d:93

  Digest Algorithm

  sha1

  PE Digest Matches

  true

  Signature Validations

  Trusted

  false

  Verification

  Signing Certificate

  CN=Investmarket,O=Investmarket,POSTALCODE=123022,STREET=Zvenigorodskoye shosse\, 1\, 1,L=Moscow,ST=Moscow,C=RU

  24-11-2022 14:54

  Valid: false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_RELOCS_STRIPPED

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  kernel32

  WriteConsoleW

  CloseHandle

  IsProcessorFeaturePresent

  SetFilePointer

  GetStringTypeW

  LCMapStringW

  FlushFileBuffers

  GetConsoleMode

  GetConsoleCP

  HeapReAlloc

  HeapSize

  RtlUnwind

  IsValidCodePage

  GetOEMCP

  GetACP

  GetCPInfo

  LoadLibraryW

  SetStdHandle

  GetSystemTimeAsFileTime

  GetCurrentProcessId

  QueryPerformanceCounter

  InterlockedDecrement

  GetCurrentThreadId

  SetLastError

  InterlockedIncrement

  TlsFree

  TlsSetValue

  TlsGetValue

  TlsAlloc

  DeleteCriticalSection

  GetFileType

  InitializeCriticalSectionAndSpinCount

  SetHandleCount

  GetEnvironmentStringsW

  WideCharToMultiByte

  FreeEnvironmentStringsW

  CreateFileW

  WaitForMultipleObjects

  GetModuleFileNameA

  WritePrivateProfileStringA

  GetPrivateProfileStringA

  GetLastError

  MultiByteToWideChar

  lstrcatA

  Sleep

  GlobalAlloc

  GetProcessHeap

  GetTickCount

  HeapFree

  GetCurrentProcess

  HeapAlloc

  TerminateProcess

  IsDebuggerPresent

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  LeaveCriticalSection

  EnterCriticalSection

  EncodePointer

  HeapCreate

  GetModuleFileNameW

  GetStdHandle

  WriteFile

  DecodePointer

  ExitProcess

  GetModuleHandleW

  GetProcAddress

  GetLocalTime

  GetCommandLineA

  HeapSetInformation

  GetStartupInfoW

  user32

  GetWindow

  RegisterClassA

  ModifyMenuA

  EndPaint

  DestroyWindow

  SetCursor

  GetUserObjectInformationA

  GetWindowRect

  InsertMenuItemA

  SendDlgItemMessageA

  FillRect

  GetMenuItemID

  wsprintfA

  WindowFromPoint

  GetClientRect

  CreateMenu

  GetWindowTextLengthA

  SendMessageA

  WinHelpA

  InflateRect

  SetDlgItemInt

  OffsetRect

  GetWindowTextA

  InvalidateRect

  GetDlgItem

  EndDialog

  DefWindowProcA

  GetDesktopWindow

  CheckDlgButton

  EnumWindowStationsW

  ShowWindow

  SetMenu

  CreatePopupMenu

  GetSysColorBrush

  FrameRect

  DrawMenuBar

  AppendMenuA

  IsWindow

  CreateWindowExW

  SetMenuDefaultItem

  SetWindowTextA

  SendMessageW

  LoadCursorA

  GetDlgItemTextA

  SetDlgItemTextA

  gdi32

  CreateFontIndirectA

  DeleteObject

  SetMapMode

  SaveDC

  RestoreDC

  TextOutA

  GetBkMode

  comdlg32

  ChooseFontA

  advapi32

  CryptDestroyKey

  CryptEncrypt

  CryptImportKey

  CryptAcquireContextA

  LookupPrivilegeValueA

  CryptReleaseContext

  GetTokenInformation

  CryptSetKeyParam

  OpenProcessToken

  InitiateSystemShutdownA

  AdjustTokenPrivileges

  ole32

  CLSIDFromString

  oleaut32

  SafeArrayGetRecordInfo

  SysAllocStringLen

  SafeArrayUnlock

  SysFreeString

  SafeArrayPtrOfIndex

  SafeArrayLock

  SysAllocString

  mpr

  WNetGetConnectionA

  shlwapi

  StrRChrA

  uxtheme

  IsAppThemed

  Sections

  .text

  Size: 191KB - Virtual size: 191KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 14KB - Virtual size: 14KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 8KB - Virtual size: 16KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rsrc

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ