ClassicSvc[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ClassicSvc.exe
Size

10.6MB
MD5

385ca557571ff7c65d25b15426f9a8b6
SHA1

04e87e27d503b7e1ceda5388db0202ed6a414faf
SHA256

7fdbe1e9f540292f53d41452663b1b117077f9db5d5dd68947005c8dc3db9896
SHA512

4cafd9e25203b165773bcc23dc7bb41a3c90a2651bdd15934c9b0ad4bea0f9637141ed794d62002042033b4a994a7c983911deaa8998f84f3ddede6e2fb7719e
SSDEEP

196608:QAf0mFtpmjEBHvqj+nWR35GIqypmBuwQhsN+2k:QAf00fmoFy+W3kFcmkM+d

Score

1^/10

Malware Config

Signatures

Files

ClassicSvc.exe
.exe windows x86

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2031 00:00

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:30:20:eb:3c:f0:a0:af:7d:bd:41:e2:b2:73:e8:a9
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

24-02-2021 00:00

Not After

28-02-2022 23:59

Subject

SERIALNUMBER=5167746364693,CN=Remote Utilities LLC,O=Remote Utilities LLC,L=Moscow,C=RU,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025255

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9b:81:2c:61:82:53:fb:34:61:4c:df:71:0d:53:78:7c:0d:25:a6:06
Signer

Actual PE Digest

9b:81:2c:61:82:53:fb:34:61:4c:df:71:0d:53:78:7c:0d:25:a6:06

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=5167746364693,CN=Remote Utilities LLC,O=Remote Utilities LLC,L=Moscow,C=RU,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025255

28-02-2021 12:28
Valid: true

Chain 1

SERIALNUMBER=5167746364693,CN=Remote Utilities LLC,O=Remote Utilities LLC,L=Moscow,C=RU,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025255

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
madTraceProcess

Sections

.text
Size: 8.4MB - Virtual size: 8.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 559KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 781KB - Virtual size: 781KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Code Sign

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77Certificate

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

08:30:20:eb:3c:f0:a0:af:7d:bd:41:e2:b2:73:e8:a9Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

9b:81:2c:61:82:53:fb:34:61:4c:df:71:0d:53:78:7c:0d:25:a6:06Signer

Signature Validations

Verification

28-02-2021 12:28 Valid: true

Chain 1

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 8.4MB - Virtual size: 8.4MB

.itext Size: 17KB - Virtual size: 16KB

.data Size: 155KB - Virtual size: 154KB

.bss Size: - Virtual size: 559KB

.idata Size: 22KB - Virtual size: 21KB

.didata Size: 29KB - Virtual size: 29KB

.edata Size: 512B - Virtual size: 182B

.tls Size: - Virtual size: 1KB

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 781KB - Virtual size: 781KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

02:ac:5c:26:6a:0b:40:9b:8f:0b:79:f2:ae:46:25:77
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

08:30:20:eb:3c:f0:a0:af:7d:bd:41:e2:b2:73:e8:a9
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

9b:81:2c:61:82:53:fb:34:61:4c:df:71:0d:53:78:7c:0d:25:a6:06
Signer

28-02-2021 12:28
Valid: true

.text
Size: 8.4MB - Virtual size: 8.4MB

.itext
Size: 17KB - Virtual size: 16KB

.data
Size: 155KB - Virtual size: 154KB

.bss
Size: - Virtual size: 559KB

.idata
Size: 22KB - Virtual size: 21KB

.didata
Size: 29KB - Virtual size: 29KB

.edata
Size: 512B - Virtual size: 182B

.tls
Size: - Virtual size: 1KB

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 781KB - Virtual size: 781KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB