LDPlayer-Dump[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

LDPlayer-Dump.rar
Size

54.3MB
MD5

7b54a2c67bacbc1af869ea15345d89c1
SHA1

329c7e480931f5a607777f0faa2c7eaff4afbc61
SHA256

e5080c93937732e4454cf13b87988cc8ae952b0e4065e600e7fcea2144d2e251
SHA512

f369fa8e6242f650e8996b77f3a07672bfb8e24e7c85d524c728d6a51b7bfeaa89f375e3b0da2649d7220fca7d7c6b5bfd1c2528e36450f91980df343c8da483
SSDEEP

98304:H8yEnQWlhNXqF87Esw9zSvMHDYzj4T3TX/Ydqb:EQWlhNX33EzSMkQz

Score

1^/10

Malware Config

Signatures

Files

LDPlayer-Dump.rar
.7z
LDPLayer.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

1b:e7:15
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

01-01-2014 07:00

Not After

30-05-2031 07:00

Subject

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03-05-2011 07:00

Not After

03-05-2031 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c1:a3:91:d6:4c:66
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

13-10-2014 03:25

Not After

13-10-2015 03:25

Subject

CN=Murray Hurps Software Pty Ltd,O=Murray Hurps Software Pty Ltd,L=Box Hill,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a6:3a:b4:66:5a:d1:89:a0:bf:a5:91:a6:c0:1c:14:f7:da:05:3b:3b
Signer

Actual PE Digest

a6:3a:b4:66:5a:d1:89:a0:bf:a5:91:a6:c0:1c:14:f7:da:05:3b:3b

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Murray Hurps Software Pty Ltd,O=Murray Hurps Software Pty Ltd,L=Box Hill,ST=New South Wales,C=AU

19-10-2014 02:25
Valid: true

Chain 1

CN=Murray Hurps Software Pty Ltd,O=Murray Hurps Software Pty Ltd,L=Box Hill,ST=New South Wales,C=AU

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Chain 2

CN=Murray Hurps Software Pty Ltd,O=Murray Hurps Software Pty Ltd,L=Box Hill,ST=New South Wales,C=AU

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RealO/DscCore.dll
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RealO/ODBC.INI
RealO/ODBCINST.INI
RealO/PFRO.log
RealO/PSDSCFileDownloadManagerEvents.dll
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RealO/en-US/DscCoreR.dll.mui
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RealO/en-US/PSDSCFileDownloadManagerEvents.dll.mui
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RealO/eulaLic.docx
.html

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

1b:e7:15Certificate

Key Usages

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:beCertificate

Extended Key Usages

Key Usages

07Certificate

Key Usages

c1:a3:91:d6:4c:66Certificate

Extended Key Usages

Key Usages

a6:3a:b4:66:5a:d1:89:a0:bf:a5:91:a6:c0:1c:14:f7:da:05:3b:3bSigner

Signature Validations

Verification

19-10-2014 02:25 Valid: true

Chain 1

Chain 2

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 361KB - Virtual size: 360KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 12B

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 49KB - Virtual size: 49KB

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 5KB - Virtual size: 5KB

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 23KB - Virtual size: 24KB

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 3KB - Virtual size: 4KB

1b:e7:15
Certificate

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

07
Certificate

c1:a3:91:d6:4c:66
Certificate

a6:3a:b4:66:5a:d1:89:a0:bf:a5:91:a6:c0:1c:14:f7:da:05:3b:3b
Signer

19-10-2014 02:25
Valid: true

.text
Size: 361KB - Virtual size: 360KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 12B

.rsrc
Size: 49KB - Virtual size: 49KB

.rsrc
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 23KB - Virtual size: 24KB

.rsrc
Size: 3KB - Virtual size: 4KB