2a2fcd45833911b84fcb25fdf2973885a294ecb3d9308687774c9f33c02bfb6e

Sharing

Copy URL

Twitter E-mail

General

Target

2a2fcd45833911b84fcb25fdf2973885a294ecb3d9308687774c9f33c02bfb6e
Size

1.0MB
MD5

a1613d1e8a9101cea1bf7cd0a8514771
SHA1

dc12f93a76f409ed3b83e39c7357a947a64de01b
SHA256

2a2fcd45833911b84fcb25fdf2973885a294ecb3d9308687774c9f33c02bfb6e
SHA512

4e5c2d44df6d55baceaebc1ab836d51a060f585242c77063a86572c9f320f6062224935fabb13b0a1d368cb74790805d932cd9c7f30e8f72188bfa8cfca4e3be
SSDEEP

24576:H7MpMecnaXSAELkteTSWEay73/CZUExrXgN9p4Bcfa6o7:rdaXSAQy7PgU0g/iefav7

Score

1^/10

Malware Config

Signatures

Files

2a2fcd45833911b84fcb25fdf2973885a294ecb3d9308687774c9f33c02bfb6e
.exe windows:5 windows x86

57075835c57626c1d942aa80b15a4823

Code Sign

23:19:99:14:ee:d4:7b:d2:c7:df:11:fe:6f:f9:7a:06
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

04/06/2018, 00:00

Not After

16/06/2018, 23:59

Subject

CN=TIFFANI,O=TIFFANI,POSTALCODE=420083,STREET=ul Rashida Nezhmetdinova d2 kv45,L=Kazan,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19/01/2010, 00:00

Not After

18/01/2038, 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/05/2013, 00:00

Not After

08/05/2028, 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

MapFileAndCheckSumA
MapFileAndCheckSumW

comctl32

ImageList_Draw
InitCommonControlsEx
ImageList_Destroy
ImageList_GetImageCount
ImageList_Create
ImageList_Add
ImageList_LoadImageW
PropertySheetW
ord17

kernel32

FindResourceExW
GlobalFindAtomW
GetProcAddress
GetVersion
GetVersionExA
GetModuleHandleA
LoadLibraryA
SetLastError
IsBadReadPtr
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SearchPathA
VirtualAlloc
HeapAlloc
GetOEMCP
GetCPInfo
WriteFile
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ExitProcess
GetCommandLineA
GetStartupInfoA
SetEndOfFile
FindNextFileA
MulDiv
SetCurrentDirectoryA
GetStringTypeW
lstrcmpiA
GetExitCodeProcess
FormatMessageW
GetExitCodeThread
GetTimeZoneInformation
CreateDirectoryA
RemoveDirectoryA
GlobalUnlock
GetDiskFreeSpaceA
CreateMutexW
GetVolumeInformationW
SetFileAttributesA
IsValidCodePage
LockFile
TerminateThread
DuplicateHandle
UnlockFile
GlobalLock
ResetEvent
PostQueuedCompletionStatus
LeaveCriticalSection
SizeofResource
FlushFileBuffers
SetCurrentDirectoryW
GetQueuedCompletionStatus
FindFirstFileA
FindClose
InterlockedExchange
GetShortPathNameA
GetDriveTypeW
EnterCriticalSection
CreateIoCompletionPort
GetFileAttributesA
CreateThread
CompareFileTime
GetTimeFormatA
RaiseException
FreeLibrary
CloseHandle
GetCurrentThreadId
CreateFileMappingA
GetSystemTimeAsFileTime
GetTickCount
GetACP
GetLastError
HeapReAlloc

user32

GetSysColor
DestroyMenu
GetSubMenu
CharLowerBuffW
TranslateAcceleratorW
InvalidateRect
SetFocus
LoadAcceleratorsW
SetClipboardData
GetKeyState
LoadMenuW
SetWindowPos
CloseClipboard
EnumChildWindows
GetWindowLongW
EndPaint
ReleaseDC
AdjustWindowRectEx
CreateWindowExW
GetClientRect
SetClassLongW
ClientToScreen
GetWindowThreadProcessId
DefWindowProcW
LoadStringW
EndDialog
GetWindowLongA
GetParent
DrawTextA
GetMessagePos
RegisterClassExW
AppendMenuW
IsWindowEnabled
SendMessageTimeoutA
TrackPopupMenu
SetWindowLongW
DestroyWindow
EmptyClipboard
EnableMenuItem
GetSystemMetrics
CharNextW

gdi32

ScaleViewportExtEx
GetObjectW
Escape
SetWindowExtEx
CreateBitmap
PtVisible
GetRgnBox
RectVisible
GetViewportExtEx
GetBkColor
ExtSelectClipRgn
SetViewportOrgEx
SetViewportExtEx
GetDIBits
SaveDC
OffsetViewportOrgEx
GetClipBox
GetTextColor
DeleteObject
ExtTextOutW
ScaleWindowExtEx
DeleteDC
SetMapMode
SetBkColor
CreateFontIndirectA
CreateRectRgnIndirect
SelectObject
CreateFontIndirectW
SetTextColor
GetStockObject
RestoreDC
GetWindowExtEx
GetDeviceCaps

advapi32

RegOpenKeyW
RegDeleteKeyW
RegEnumValueW
AllocateAndInitializeSid
RegQueryValueW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
FreeSid
GetSidSubAuthority
RegQueryInfoKeyW
RegEnumKeyW

shell32

ShellExecuteW
Shell_NotifyIconW

oleaut32

VarDecRound
SysFreeString
SysAllocStringByteLen
VarAdd
SysStringLen
SafeArrayPutElement
SysStringByteLen
SysAllocString
VariantClear

shlwapi

PathAddBackslashA
PathAddBackslashW

Sections

.text
Size: 792KB - Virtual size: 789KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57075835c57626c1d942aa80b15a4823

Code Sign

23:19:99:14:ee:d4:7b:d2:c7:df:11:fe:6f:f9:7a:06Certificate

Extended Key Usages

Key Usages

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9dCertificate

Key Usages

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

imagehlp

comctl32

kernel32

user32

gdi32

advapi32

shell32

oleaut32

shlwapi

Sections

.text Size: 792KB - Virtual size: 789KB

.data Size: 228KB - Virtual size: 227KB

.rsrc Size: 36KB - Virtual size: 34KB

23:19:99:14:ee:d4:7b:d2:c7:df:11:fe:6f:f9:7a:06
Certificate

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

.text
Size: 792KB - Virtual size: 789KB

.data
Size: 228KB - Virtual size: 227KB

.rsrc
Size: 36KB - Virtual size: 34KB