2edaf7786e49c910ed76775392526ef58cf7a0213f7ee8e84ee9f72d70ffbed6

Sharing

Copy URL

Twitter E-mail

General

Target

2edaf7786e49c910ed76775392526ef58cf7a0213f7ee8e84ee9f72d70ffbed6
Size

1.0MB
MD5

ac8dc1f9425eb51a034c64ad9449ee5d
SHA1

750705b4755276334f1f918ea9d0e62c1cb87a93
SHA256

2edaf7786e49c910ed76775392526ef58cf7a0213f7ee8e84ee9f72d70ffbed6
SHA512

797170658872173b43cd83ef680f3ad21f5cd5ee5fe4ea271f47534b8f0ad0c619c678ff6fb350335678e08053d6a45bd87ab6f8e6285d3e2d37023a2948c3e5
SSDEEP

24576:kjUKZcKh3thJvLnePMDi5xlPCeY33z29ySB:VK644PMDcx1CTu

Score

1^/10

Malware Config

Signatures

Files

2edaf7786e49c910ed76775392526ef58cf7a0213f7ee8e84ee9f72d70ffbed6
.exe windows:5 windows x86

1b35e87b733a21de85668ff00ec918bf

Code Sign

23:19:99:14:ee:d4:7b:d2:c7:df:11:fe:6f:f9:7a:06
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

04-06-2018 00:00

Not After

16-06-2018 23:59

Subject

CN=TIFFANI,O=TIFFANI,POSTALCODE=420083,STREET=ul Rashida Nezhmetdinova d2 kv45,L=Kazan,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19-01-2010 00:00

Not After

18-01-2038 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

MapFileAndCheckSumA
MapFileAndCheckSumW

comctl32

ImageList_Draw
InitCommonControlsEx
ImageList_Destroy
ImageList_LoadImageW
PropertySheetW
ImageList_Create
ImageList_Add
ord17

kernel32

FindFirstFileA
GetProcAddress
GetVersion
GetVersionExA
GetModuleHandleA
LoadLibraryA
SetLastError
IsBadReadPtr
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
GetFileAttributesA
HeapAlloc
GetOEMCP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
CreateThread
GlobalFindAtomW
FindResourceExW
SearchPathA
SetEndOfFile
GetStringTypeW
FindNextFileA
MulDiv
GetExitCodeProcess
FormatMessageW
GetExitCodeThread
GetTimeZoneInformation
CreateDirectoryA
RemoveDirectoryA
GetDiskFreeSpaceA
LockFile
TerminateThread
DuplicateHandle
UnlockFile
GlobalLock
ResetEvent
PostQueuedCompletionStatus
LeaveCriticalSection
SizeofResource
FlushFileBuffers
SetCurrentDirectoryW
GetQueuedCompletionStatus
CreateMutexW
GetVolumeInformationW
SetFileAttributesA
FindClose
InterlockedExchange
GetShortPathNameA
GetDriveTypeW
EnterCriticalSection
CreateIoCompletionPort
CompareFileTime
GetTimeFormatA
RaiseException
SetCurrentDirectoryA
lstrcmpiA
GlobalUnlock
GetCurrentThreadId
FreeLibrary
CloseHandle
GetACP
CreateFileMappingA
GetSystemTimeAsFileTime
GetTickCount
GetLastError
VirtualAlloc

user32

EnumChildWindows
CloseClipboard
GetSysColor
DestroyMenu
GetSubMenu
SetFocus
GetKeyState
LoadMenuW
SetWindowPos
GetParent
GetWindowLongA
ClientToScreen
GetWindowLongW
EndPaint
ReleaseDC
CreateWindowExW
GetClientRect
SetClassLongW
SetClipboardData
LoadAcceleratorsW
GetWindowThreadProcessId
DefWindowProcW
LoadStringW
EndDialog
DrawTextA
GetMessagePos
RegisterClassExW
AppendMenuW
IsWindowEnabled
SendMessageTimeoutA
TrackPopupMenu
SetWindowLongW
DestroyWindow
EmptyClipboard
EnableMenuItem
TranslateAcceleratorW
CharNextW
CharLowerBuffW
AdjustWindowRectEx
GetSystemMetrics
InvalidateRect

gdi32

CreateFontIndirectW
SelectObject
CreateRectRgnIndirect
SetMapMode
ExtSelectClipRgn
SetViewportOrgEx
GetObjectW
Escape
SetWindowExtEx
CreateBitmap
RectVisible
GetRgnBox
GetBkColor
RestoreDC
SaveDC
OffsetViewportOrgEx
GetClipBox
GetTextColor
DeleteObject
ExtTextOutW
ScaleWindowExtEx
DeleteDC
GetStockObject
PtVisible
GetDeviceCaps
SetTextColor
GetWindowExtEx
SetBkColor
CreateFontIndirectA
GetDIBits
GetViewportExtEx
SetViewportExtEx
ScaleViewportExtEx

advapi32

RegOpenKeyW
RegDeleteKeyW
RegEnumValueW
AllocateAndInitializeSid
RegQueryValueW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
FreeSid
RegQueryInfoKeyW
RegEnumKeyW
GetSidSubAuthority

shell32

ShellExecuteW
Shell_NotifyIconW

oleaut32

VarDecRound
SysFreeString
SysAllocStringByteLen
VarAdd
SysStringLen
SafeArrayPutElement
SysStringByteLen
SysAllocString
VariantClear

shlwapi

PathAddBackslashA
PathAddBackslashW

Sections

.text
Size: 792KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1b35e87b733a21de85668ff00ec918bf

Code Sign

23:19:99:14:ee:d4:7b:d2:c7:df:11:fe:6f:f9:7a:06Certificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

imagehlp

comctl32

kernel32

user32

gdi32

advapi32

shell32

oleaut32

shlwapi

Sections

.text Size: 792KB - Virtual size: 788KB

.data Size: 228KB - Virtual size: 226KB

.rsrc Size: 36KB - Virtual size: 34KB

23:19:99:14:ee:d4:7b:d2:c7:df:11:fe:6f:f9:7a:06
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

.text
Size: 792KB - Virtual size: 788KB

.data
Size: 228KB - Virtual size: 226KB

.rsrc
Size: 36KB - Virtual size: 34KB