skzi-g5[.]zip | Triage

Resubmissions

27/11/2023, 08:42

231127-kl6gzafd3t 7

27/11/2023, 08:10

231127-j21e8afc78 5

Sharing

Copy URL

Twitter E-mail

General

Target

skzi-g5.zip
Size

11.3MB
MD5

87db808e6ba85652744c86e8676eb70e
SHA1

75a19f31e1210918f33e060e5511c33d9199087a
SHA256

138c9789c542aa0b3606b3515098055dfa14039e991592c047bfeeb8034ba58e
SHA512

d42f67392636cc6014761b2303c39f15727f9c6e6487d6299a7dc2d35cdd1913ba8266426906b258665d6e5ddee3f412f99e9362f3e76b6dbc0e956bd4618e79
SSDEEP

196608:DYHbrZlAgViz5ZJFYKHZiFbr8r5kWT/m9Udp/iRR:D83PAu4bZiBor5rDm9Sob

Score

5^/10

pdf link

Malware Config

Signatures

Malformed data in PDF
A PDF can contain malformed data to evade detection
pdf

HTTP links in PDF interactive object 1 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
static1/unpack001/SKZI/Документация/Крипто-КОМ 3.5/ccrandreg.3.PDF	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SKZI/soft/CCRANDREG.EXE
unpack001/SKZI/soft/RUSH.EXE
unpack001/SKZI/soft/WIPE.EXE
unpack001/SKZI/win32/ccom.dll
unpack001/SKZI/win64/ccom.dll

Files

skzi-g5.zip
.zip
SKZI/soft/CCRANDREG.EXE
.exe windows:6 windows x86 arch:x86

0e35f04a72979fd38fc76c8d717a8ec1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexA
Sleep
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetStdHandle
FlushConsoleInputBuffer
HeapFree
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetTimeZoneInformation
HeapAlloc
HeapReAlloc
ReadFile
FileTimeToLocalFileTime
GetFileInformationByHandle
GetFileType
PeekNamedPipe
FileTimeToSystemTime
RtlUnwind
EncodePointer
DecodePointer
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
DeleteCriticalSection
SetLastError
ExitProcess
GetModuleHandleExW
GetProcAddress
CreateDirectoryW
GetStartupInfoW
SetStdHandle
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetModuleFileNameA
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
ReadConsoleW
SetFilePointerEx
WriteConsoleW
LoadLibraryExW
GetStringTypeW
CompareStringW
LCMapStringW
OutputDebugStringW
SetEnvironmentVariableA
CreateFileW
HeapSize
SetEndOfFile
RaiseException
GetLastError
LoadLibraryW
AreFileApisANSI
FreeLibrary
ReadConsoleInputA
SetConsoleMode
GetFileAttributesExW

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 611KB - Virtual size: 611KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 407KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SKZI/soft/RUSH.EXE
.exe windows:6 windows x86 arch:x86

be57174b573f32e8a883decc57d65d8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetCurrentDirectoryA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetStdHandle
FlushConsoleInputBuffer
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetCommandLineA
ReadFile
FileTimeToLocalFileTime
GetFileInformationByHandle
GetFileType
PeekNamedPipe
FileTimeToSystemTime
FindClose
SystemTimeToTzSpecificLocalTime
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
DeleteCriticalSection
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetStartupInfoW
SetStdHandle
WriteFile
GetConsoleCP
GetConsoleMode
ReadConsoleW
IsValidCodePage
GetACP
GetProcAddress
GetCPInfo
SetLastError
RaiseException
GetProcessHeap
GetModuleFileNameA
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointerEx
FindFirstFileExW
FindNextFileW
GetDriveTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
CreateDirectoryW
LoadLibraryExW
WriteConsoleW
GetStringTypeW
CompareStringW
LCMapStringW
OutputDebugStringW
GetFullPathNameW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
HeapSize
SetEndOfFile
FreeLibrary
Sleep
GetOEMCP
GetLastError
ReadConsoleInputA
SetConsoleMode
DeleteFileW
GetFileAttributesExW
SetFileAttributesW

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 745KB - Virtual size: 745KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 409KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 625KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SKZI/soft/WIPE.EXE
.exe windows:6 windows x86 arch:x86

65b84cce7684d2ca539008618e7c7bd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexA
GetCurrentDirectoryA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
GetStdHandle
FlushConsoleInputBuffer
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetCommandLineA
ReadFile
FileTimeToLocalFileTime
GetFileInformationByHandle
GetFileType
PeekNamedPipe
FileTimeToSystemTime
FindClose
SystemTimeToTzSpecificLocalTime
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
DeleteCriticalSection
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetStartupInfoW
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
SetStdHandle
IsValidCodePage
GetACP
GetProcAddress
GetCPInfo
SetLastError
RaiseException
GetProcessHeap
GetModuleFileNameA
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlushFileBuffers
SetFilePointerEx
FindFirstFileExW
FindNextFileW
GetDriveTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
CreateDirectoryW
LoadLibraryExW
WriteConsoleW
GetStringTypeW
CompareStringW
LCMapStringW
OutputDebugStringW
GetFullPathNameW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
HeapSize
SetEndOfFile
FreeLibrary
Sleep
GetOEMCP
GetLastError
ReadConsoleInputA
SetConsoleMode
DeleteFileW
GetFileAttributesExW
SetFileAttributesW
RemoveDirectoryW

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Sections

.text
Size: 745KB - Virtual size: 745KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 409KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SKZI/win32/ccom.dll
.dll windows:6 windows x86 arch:x86

c7886172e6a39662ffb1324a04379c58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameA
GetLogicalDrives
GetLastError
SetErrorMode
GetVolumeInformationA
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexA
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
Sleep
GetStdHandle
FlushConsoleInputBuffer
GetCommandLineA
FindClose
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
HeapReAlloc
ReadFile
FileTimeToLocalFileTime
GetFileInformationByHandle
GetFileType
PeekNamedPipe
GetLocalTime
GetTimeZoneInformation
RtlUnwind
EncodePointer
DecodePointer
GetConsoleMode
ReadConsoleW
SetStdHandle
WriteFile
GetConsoleCP
SetLastError
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetProcessHeap
GetDriveTypeA
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FindFirstFileExW
FindNextFileW
GetDriveTypeW
GetModuleFileNameW
FlushFileBuffers
SetFilePointerEx
CreateDirectoryW
WriteConsoleW
LoadLibraryExW
GetStringTypeW
CompareStringW
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryW
CreateFileW
OutputDebugStringW
SetEnvironmentVariableA
RaiseException
HeapSize
SetEndOfFile
GetCurrentDirectoryA
DeleteCriticalSection
GetModuleFileNameA
ReadConsoleInputA
SetConsoleMode
DeleteFileW
GetFileAttributesExW
SetFileAttributesW
RemoveDirectoryW

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

BIO_free
BIO_open
BIO_read
BIO_write
BUFFER_clean
BUFFER_fill
BUFFER_free
BUFFER_new
CADB_access
CADB_by_dir
CADB_copy_file
CADB_erase_file
CADB_file_exists
CADB_file_size
CADB_is_dir
CADB_is_file
CADB_is_token
CADB_make_fname
CADB_mkdir
CADB_read_file
CADB_rmdir
CADB_token_get_id
CADB_token_get_label
CADB_token_inserted
CADB_write_file
CCLIB_check_environment
CCLIB_check_ram
CCLIB_display
CCLIB_display_byte
CCLIB_display_c
CCLIB_dump
CCLIB_dump_fp
CCLIB_invert
CCLIB_mem_clear_free
CCLIB_mem_free
CCOM_CRLFree
CCOM_CRLGetIssuer
CCOM_CRLGetIssuerEx
CCOM_CRLGetNextUpdate
CCOM_CRLGetNextUpdateEx
CCOM_CRLGetSignatureAlgorithm
CCOM_CRLGetSignatureAlgorithmEx
CCOM_CRLGetThisUpdate
CCOM_CRLGetThisUpdateEx
CCOM_CRLGetVersion
CCOM_CRLNew
CCOM_CRLRead
CCOM_CRLSetBuffer
CCOM_CRLSetPath
CCOM_CertificateFree
CCOM_CertificateGetEncoded
CCOM_CertificateGetEncodedEx
CCOM_CertificateGetIssuer
CCOM_CertificateGetIssuerEx
CCOM_CertificateGetKeyStrength
CCOM_CertificateGetNext
CCOM_CertificateGetNotAfter
CCOM_CertificateGetNotAfterEx
CCOM_CertificateGetNotBefore
CCOM_CertificateGetNotBeforeEx
CCOM_CertificateGetPrivateKeyPeriodNotAfter
CCOM_CertificateGetPrivateKeyPeriodNotAfterEx
CCOM_CertificateGetPrivateKeyPeriodNotBefore
CCOM_CertificateGetPrivateKeyPeriodNotBeforeEx
CCOM_CertificateGetPublicKey
CCOM_CertificateGetPublicKeyAlgorithm
CCOM_CertificateGetPublicKeyAlgorithmEx
CCOM_CertificateGetSerialNumber
CCOM_CertificateGetSerialNumberEx
CCOM_CertificateGetSignatureAlgorithm
CCOM_CertificateGetSignatureAlgorithmEx
CCOM_CertificateGetSubject
CCOM_CertificateGetSubjectEx
CCOM_CertificateGetVersion
CCOM_CertificateIsSelfSigned
CCOM_CertificateIsTrusted
CCOM_CertificateIsValid
CCOM_CertificateNew
CCOM_CertificateRead
CCOM_CertificateSetBuffer
CCOM_CertificateSetPath
CCOM_CertificateVerify
CCOM_CertificateVerifyGetError
CCOM_CipherClone
CCOM_CipherCloneMAC
CCOM_CipherCtrl
CCOM_CipherFinal
CCOM_CipherFinalMAC
CCOM_CipherFree
CCOM_CipherGetBlockLength
CCOM_CipherGetIVLength
CCOM_CipherGetKeyLength
CCOM_CipherGetMACLength
CCOM_CipherInit
CCOM_CipherInitDecrypt
CCOM_CipherInitEncrypt
CCOM_CipherInitMAC
CCOM_CipherNew
CCOM_CipherUpdate
CCOM_CipherUpdateMAC
CCOM_Close
CCOM_DigestClone
CCOM_DigestCtrl
CCOM_DigestFinal
CCOM_DigestFree
CCOM_DigestGetBlockLength
CCOM_DigestGetDigestLength
CCOM_DigestInit
CCOM_DigestNew
CCOM_DigestReset
CCOM_DigestUpdate
CCOM_Dump
CCOM_ErrorCheck
CCOM_ErrorClear
CCOM_ErrorGetString
CCOM_FileErase
CCOM_Free
CCOM_GetLastError
CCOM_GetLastTokenError
CCOM_GetVersion
CCOM_GetVersionMajor
CCOM_GetVersionMinor
CCOM_GetVersionRevision
CCOM_HMACClone
CCOM_HMACFinal
CCOM_HMACFree
CCOM_HMACGetBlockLength
CCOM_HMACGetHMACLength
CCOM_HMACInit
CCOM_HMACNew
CCOM_HMACReset
CCOM_HMACUpdate
CCOM_Init
CCOM_Inited
CCOM_IsKeyPair
CCOM_KeyAgreeComputeSharedSecret
CCOM_KeyAgreeCtrl
CCOM_KeyAgreeFree
CCOM_KeyAgreeGenerateKeyPair
CCOM_KeyAgreeGetPublicKey
CCOM_KeyAgreeNew
CCOM_KeyAgreeSetPeerPublicKey
CCOM_KeyAgreeSetPrivateKey
CCOM_KeyDerive
CCOM_KeyDeriveCtrl
CCOM_KeyDeriveFree
CCOM_KeyDeriveGenerateSecretKey
CCOM_KeyDeriveGetAvailable
CCOM_KeyDeriveGetIV
CCOM_KeyDeriveGetSecretKey
CCOM_KeyDeriveNew
CCOM_KeyPairFree
CCOM_KeyPairGenerate
CCOM_KeyPairGetPrivateKey
CCOM_KeyPairGetPublicKey
CCOM_KeyPairNew
CCOM_KeyPairSetPSE
CCOM_KeyUnwrap
CCOM_KeyWrap
CCOM_KeyWrapCtrl
CCOM_KeyWrapFree
CCOM_KeyWrapGetWrappedLength
CCOM_KeyWrapInit
CCOM_KeyWrapNew
CCOM_PSEErase
CCOM_PSEFree
CCOM_PSEGenerate
CCOM_PSEGetKEK
CCOM_PSEGetMasks
CCOM_PSEGetMkey
CCOM_PSEGetRand
CCOM_PSENew
CCOM_PSERead
CCOM_PSESetDeviceCallback
CCOM_PSESetKEK
CCOM_PSESetKEKPath
CCOM_PSESetLockCallback
CCOM_PSESetMasks
CCOM_PSESetMasksPath
CCOM_PSESetMkey
CCOM_PSESetMkeyPath
CCOM_PSESetPassword
CCOM_PSESetPasswordCallback
CCOM_PSESetPath
CCOM_PSESetRand
CCOM_PSESetRandCallback
CCOM_PSESetRandPath
CCOM_PSESetSbox
CCOM_PSEWrite
CCOM_PrivateKeyFree
CCOM_PrivateKeyGetAlgorithm
CCOM_PrivateKeyGetEncoded
CCOM_PrivateKeyGetParameters
CCOM_PrivateKeyGetPublicKey
CCOM_PrivateKeyNew
CCOM_PrivateKeyRead
CCOM_PrivateKeyReadRaw
CCOM_PrivateKeySetEncoded
CCOM_PrivateKeySetPSE
CCOM_PrivateKeySetPassword
CCOM_PrivateKeySetPasswordCallback
CCOM_PrivateKeySetPath
CCOM_PrivateKeyWrite
CCOM_PrivateKeyWriteRaw
CCOM_PublicKeyFree
CCOM_PublicKeyGetAlgorithm
CCOM_PublicKeyGetEncoded
CCOM_PublicKeyGetParameters
CCOM_PublicKeyNew
CCOM_PublicKeyRead
CCOM_PublicKeyReadCertificate
CCOM_PublicKeyReadRaw
CCOM_PublicKeySetEncoded
CCOM_PublicKeySetPath
CCOM_PublicKeyWrite
CCOM_PublicKeyWriteRaw
CCOM_RandomBytes
CCOM_RandomClose
CCOM_RandomGetType
CCOM_RandomInit
CCOM_RandomInited
CCOM_SECRET_KEY_available
CCOM_SECRET_KEY_comp
CCOM_SECRET_KEY_dup
CCOM_SECRET_KEY_free
CCOM_SECRET_KEY_get
CCOM_SECRET_KEY_init
CCOM_SECRET_KEY_pull_out
CCOM_SECRET_KEY_read
CCOM_SecretKeyFree
CCOM_SecretKeyGenerate
CCOM_SecretKeyGetLength
CCOM_SecretKeyRandomBytes
CCOM_SelfTest
CCOM_SetInputEncoding
CCOM_SetLastError
CCOM_SetLastTokenError
CCOM_SetOutputEncoding
CCOM_SignCtrl
CCOM_SignDigest
CCOM_SignFinal
CCOM_SignFree
CCOM_SignGetDigestAlgorithm
CCOM_SignGetSignatureLength
CCOM_SignInit
CCOM_SignNew
CCOM_SignSetDigestAlgorithm
CCOM_SignUpdate
CCOM_TokenSetPasswordCallback
CCOM_VerifyCtrl
CCOM_VerifyCtxAddCA
CCOM_VerifyCtxAddCRL
CCOM_VerifyCtxAddTrustedCA
CCOM_VerifyCtxFree
CCOM_VerifyCtxGetFlags
CCOM_VerifyCtxNew
CCOM_VerifyCtxSetFlags
CCOM_VerifyDigest
CCOM_VerifyFinal
CCOM_VerifyFree
CCOM_VerifyGetDigestAlgorithm
CCOM_VerifyGetSignatureLength
CCOM_VerifyInit
CCOM_VerifyNew
CCOM_VerifySetDigestAlgorithm
CCOM_VerifyUpdate
CCOM_get_locked_mem_functions
CCOM_get_mem_functions
CCOM_set_leaks_file
CCOM_set_leaks_fp
CCOM_set_locked_mem_functions
CCOM_set_mem_functions
CCOM_set_memove_functions
CRYPTO_add_lock
CRYPTO_get_add_lock_callback
CRYPTO_get_id_callback
CRYPTO_get_lock_name
CRYPTO_get_locked_mem_functions
CRYPTO_get_locking_callback
CRYPTO_get_mem_functions
CRYPTO_get_new_lockid
CRYPTO_lock
CRYPTO_num_locks
CRYPTO_set_add_lock_callback
CRYPTO_set_id_callback
CRYPTO_set_locked_mem_functions
CRYPTO_set_locking_callback
CRYPTO_set_mem_functions
CRYPTO_set_memove_functions
CRYPTO_thread_id
ERR_get_errors
ERR_get_last_error
ERR_print_errors_file
ERR_print_errors_fp
ERR_remove_state
ERR_set_last_error
RAND_cleanup
RAND_crand
RAND_set_rand_method
RAND_set_stat_tests
is_etsdk
is_ibutton
is_iksdk
is_rutoken

Sections

.text
Size: 893KB - Virtual size: 892KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 422KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 320KB - Virtual size: 627KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SKZI/win32/ccom.dll.sig
SKZI/win32/scbrng.dll
.dll windows:6 windows x86 arch:x86

f56357f72543e445b615e1353e70efde

Code Sign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:02:50:2a:72:fd:f8:9f:c2:79:13:35
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

23/03/2020, 06:46

Not After

24/03/2023, 06:46

Subject

SERIALNUMBER=1027700239863,CN=SIGNAL-COM Joint-Stock Company,OU=IT,O=SIGNAL-COM Joint-Stock Company,STREET=Krutitskaya emb.\, 23,L=Moscow,ST=Moscow,C=RU,1.2.840.113549.1.9.1=#0c147369676e616c407369676e616c2d636f6d2e7275,1.3.6.1.4.1.311.60.2.1.2=#13064d6f73636f77,1.3.6.1.4.1.311.60.2.1.3=#13025255,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

e7:f3:20:00:2a:9d:13:5d:70:fd:53:48:e5:2c:13:36:23:39:b7:7c
Signer

Actual PE Digest

e7:f3:20:00:2a:9d:13:5d:70:fd:53:48:e5:2c:13:36:23:39:b7:7c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetRawInputDeviceInfoA
SystemParametersInfoW
SystemParametersInfoA
DrawTextW
SetFocus
GetDlgItem
EndDialog
DialogBoxIndirectParamW
PostMessageW
KillTimer
SetTimer
PostThreadMessageW
UnregisterDeviceNotification
RegisterDeviceNotificationW
GetMessageW
RegisterRawInputDevices
CreateIconIndirect
LoadCursorW
SetCursorPos
SetWindowRgn
CreateIconFromResource
GetParent
SetWindowLongW
PtInRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RemovePropW
SetPropW
SetForegroundWindow
GetFocus
SetWindowPos
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassW
SendMessageW
TrackMouseEvent
EnumDisplayMonitors
GetMonitorInfoW
EnumDisplayDevicesW
EnumDisplaySettingsW
GetRawInputDeviceList
ReleaseDC
GetDC
MapVirtualKeyW
ToUnicode
GetKeyboardState
GetKeyboardLayout
TranslateMessage
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
SetClipboardData
GetClipboardSequenceNumber
CloseClipboard
OpenClipboard
GetDoubleClickTime
GetRawInputData
DestroyIcon
LoadIconW
GetWindowLongW
IsRectEmpty
ClipCursor
WindowFromPoint
ScreenToClient
ClientToScreen
GetClipCursor
GetCursorPos
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetPropW
ValidateRect
InvalidateRect
GetUpdateRect
GetMenu
GetSystemMetrics
GetAsyncKeyState
GetKeyState
IsIconic
IsWindowVisible
GetClassInfoExW
RegisterClassExW
UnregisterClassW
CallWindowProcW
DefWindowProcW
GetMessageExtraInfo
PeekMessageW
DispatchMessageW
MessageBoxA
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
ChangeDisplaySettingsExW

gdi32

DeleteDC
DeleteObject
SelectObject
GetTextMetricsW
GetTextExtentPoint32A
CreateFontIndirectW
BitBlt
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
CreateRectRgn
CombineRgn
SetDeviceGammaRamp
GetDeviceGammaRamp
GetDIBits
GetDeviceCaps
CreateDCW
CreateCompatibleBitmap
CreateDIBSection
CreateCompatibleDC

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

imm32

ImmReleaseContext
ImmAssociateContext
ImmGetIMEFileNameA
ImmSetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow
ImmGetCompositionStringW
ImmGetContext
ImmGetCandidateListW

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx

oleaut32

SysFreeString

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shell32

ShellExecuteW
DragQueryFileW
ExtractIconExW
SHGetFolderPathW
DragFinish
DragAcceptFiles

kernel32

GetLocaleInfoA
GetSystemPowerStatus
MulDiv
CompareStringA
GlobalLock
GlobalUnlock
GlobalAlloc
VerifyVersionInfoW
FormatMessageW
VerSetConditionMask
TlsSetValue
TlsGetValue
TlsAlloc
SetThreadPriority
GetCurrentThreadId
GetCurrentThread
CreateThread
RaiseException
IsDebuggerPresent
SetEnvironmentVariableA
GetEnvironmentVariableA
VirtualQuery
VirtualFree
VirtualAlloc
Sleep
CreateSemaphoreW
WaitForSingleObjectEx
ReleaseSemaphore
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
Process32First
CreateToolhelp32Snapshot
lstrcatW
LoadLibraryW
CreateDirectoryW
GetSystemInfo
GlobalMemoryStatusEx
TerminateProcess
ExitProcess
GetCurrentProcess
SetThreadExecutionState
GetModuleHandleW
GetModuleFileNameW
GetTickCount
SetErrorMode
SetFilePointerEx
SetFilePointer
HeapSize
EncodePointer
DecodePointer
SetLastError
CreateEventW
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
HeapAlloc
HeapFree
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetFileType
FlushFileBuffers
GetConsoleCP
SetEndOfFile
ReadConsoleW
HeapReAlloc
WideCharToMultiByte
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
ReadFile
GetFileSizeEx
CreateFileW
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindClose
Process32Next
WriteConsoleW
GetConsoleMode
AttachConsole
lstrlenW
lstrlenA
GetLastError
OutputDebugStringW
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
FreeLibrary
GetProcAddress
LoadLibraryA
GetStdHandle
WriteFile
FindFirstFileExW

Exports

Exports

_Java_ru_signalcom_crypto_rand_CirclesAbstractHandler_startNativeCatcher@12
circles_entropy_gathering_cb

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 345KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SKZI/win64/ccom.dll
.dll windows:6 windows x64 arch:x64

c5f0af3bd841494af3dd55f03a006f12

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameA
GetLogicalDrives
GetLastError
SetErrorMode
GetVolumeInformationA
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexA
FreeLibrary
GetProcAddress
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
Sleep
GetStdHandle
FlushConsoleInputBuffer
GetCommandLineA
FindClose
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
HeapReAlloc
ReadFile
FileTimeToLocalFileTime
GetFileInformationByHandle
GetFileType
PeekNamedPipe
GetLocalTime
GetTimeZoneInformation
RtlUnwindEx
EncodePointer
DecodePointer
GetConsoleMode
ReadConsoleW
SetStdHandle
WriteFile
GetConsoleCP
SetLastError
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetProcessHeap
DeleteCriticalSection
GetDriveTypeA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
FindFirstFileExW
FindNextFileW
GetDriveTypeW
GetModuleFileNameW
FlushFileBuffers
SetFilePointerEx
CreateDirectoryW
WriteConsoleW
LoadLibraryExW
GetStringTypeW
CompareStringW
LCMapStringW
GetFullPathNameW
GetCurrentDirectoryW
CreateFileW
OutputDebugStringW
SetEnvironmentVariableA
RaiseException
HeapSize
SetEndOfFile
GetCurrentDirectoryA
GetStartupInfoW
GetModuleFileNameA
ReadConsoleInputA
SetConsoleMode
DeleteFileW
GetFileAttributesExW
SetFileAttributesW
RemoveDirectoryW

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

Exports

Exports

BIO_free
BIO_open
BIO_read
BIO_write
BUFFER_clean
BUFFER_fill
BUFFER_free
BUFFER_new
CADB_access
CADB_by_dir
CADB_copy_file
CADB_erase_file
CADB_file_exists
CADB_file_size
CADB_is_dir
CADB_is_file
CADB_is_token
CADB_make_fname
CADB_mkdir
CADB_read_file
CADB_rmdir
CADB_token_get_id
CADB_token_get_label
CADB_token_inserted
CADB_write_file
CCLIB_check_environment
CCLIB_check_ram
CCLIB_display
CCLIB_display_byte
CCLIB_display_c
CCLIB_dump
CCLIB_dump_fp
CCLIB_invert
CCLIB_mem_clear_free
CCLIB_mem_free
CCOM_CRLFree
CCOM_CRLGetIssuer
CCOM_CRLGetIssuerEx
CCOM_CRLGetNextUpdate
CCOM_CRLGetNextUpdateEx
CCOM_CRLGetSignatureAlgorithm
CCOM_CRLGetSignatureAlgorithmEx
CCOM_CRLGetThisUpdate
CCOM_CRLGetThisUpdateEx
CCOM_CRLGetVersion
CCOM_CRLNew
CCOM_CRLRead
CCOM_CRLSetBuffer
CCOM_CRLSetPath
CCOM_CertificateFree
CCOM_CertificateGetEncoded
CCOM_CertificateGetEncodedEx
CCOM_CertificateGetIssuer
CCOM_CertificateGetIssuerEx
CCOM_CertificateGetKeyStrength
CCOM_CertificateGetNext
CCOM_CertificateGetNotAfter
CCOM_CertificateGetNotAfterEx
CCOM_CertificateGetNotBefore
CCOM_CertificateGetNotBeforeEx
CCOM_CertificateGetPrivateKeyPeriodNotAfter
CCOM_CertificateGetPrivateKeyPeriodNotAfterEx
CCOM_CertificateGetPrivateKeyPeriodNotBefore
CCOM_CertificateGetPrivateKeyPeriodNotBeforeEx
CCOM_CertificateGetPublicKey
CCOM_CertificateGetPublicKeyAlgorithm
CCOM_CertificateGetPublicKeyAlgorithmEx
CCOM_CertificateGetSerialNumber
CCOM_CertificateGetSerialNumberEx
CCOM_CertificateGetSignatureAlgorithm
CCOM_CertificateGetSignatureAlgorithmEx
CCOM_CertificateGetSubject
CCOM_CertificateGetSubjectEx
CCOM_CertificateGetVersion
CCOM_CertificateIsSelfSigned
CCOM_CertificateIsTrusted
CCOM_CertificateIsValid
CCOM_CertificateNew
CCOM_CertificateRead
CCOM_CertificateSetBuffer
CCOM_CertificateSetPath
CCOM_CertificateVerify
CCOM_CertificateVerifyGetError
CCOM_CipherClone
CCOM_CipherCloneMAC
CCOM_CipherCtrl
CCOM_CipherFinal
CCOM_CipherFinalMAC
CCOM_CipherFree
CCOM_CipherGetBlockLength
CCOM_CipherGetIVLength
CCOM_CipherGetKeyLength
CCOM_CipherGetMACLength
CCOM_CipherInit
CCOM_CipherInitDecrypt
CCOM_CipherInitEncrypt
CCOM_CipherInitMAC
CCOM_CipherNew
CCOM_CipherUpdate
CCOM_CipherUpdateMAC
CCOM_Close
CCOM_DigestClone
CCOM_DigestCtrl
CCOM_DigestFinal
CCOM_DigestFree
CCOM_DigestGetBlockLength
CCOM_DigestGetDigestLength
CCOM_DigestInit
CCOM_DigestNew
CCOM_DigestReset
CCOM_DigestUpdate
CCOM_Dump
CCOM_ErrorCheck
CCOM_ErrorClear
CCOM_ErrorGetString
CCOM_FileErase
CCOM_Free
CCOM_GetLastError
CCOM_GetLastTokenError
CCOM_GetVersion
CCOM_GetVersionMajor
CCOM_GetVersionMinor
CCOM_GetVersionRevision
CCOM_HMACClone
CCOM_HMACFinal
CCOM_HMACFree
CCOM_HMACGetBlockLength
CCOM_HMACGetHMACLength
CCOM_HMACInit
CCOM_HMACNew
CCOM_HMACReset
CCOM_HMACUpdate
CCOM_Init
CCOM_Inited
CCOM_IsKeyPair
CCOM_KeyAgreeComputeSharedSecret
CCOM_KeyAgreeCtrl
CCOM_KeyAgreeFree
CCOM_KeyAgreeGenerateKeyPair
CCOM_KeyAgreeGetPublicKey
CCOM_KeyAgreeNew
CCOM_KeyAgreeSetPeerPublicKey
CCOM_KeyAgreeSetPrivateKey
CCOM_KeyDerive
CCOM_KeyDeriveCtrl
CCOM_KeyDeriveFree
CCOM_KeyDeriveGenerateSecretKey
CCOM_KeyDeriveGetAvailable
CCOM_KeyDeriveGetIV
CCOM_KeyDeriveGetSecretKey
CCOM_KeyDeriveNew
CCOM_KeyPairFree
CCOM_KeyPairGenerate
CCOM_KeyPairGetPrivateKey
CCOM_KeyPairGetPublicKey
CCOM_KeyPairNew
CCOM_KeyPairSetPSE
CCOM_KeyUnwrap
CCOM_KeyWrap
CCOM_KeyWrapCtrl
CCOM_KeyWrapFree
CCOM_KeyWrapGetWrappedLength
CCOM_KeyWrapInit
CCOM_KeyWrapNew
CCOM_PSEErase
CCOM_PSEFree
CCOM_PSEGenerate
CCOM_PSEGetKEK
CCOM_PSEGetMasks
CCOM_PSEGetMkey
CCOM_PSEGetRand
CCOM_PSENew
CCOM_PSERead
CCOM_PSESetDeviceCallback
CCOM_PSESetKEK
CCOM_PSESetKEKPath
CCOM_PSESetLockCallback
CCOM_PSESetMasks
CCOM_PSESetMasksPath
CCOM_PSESetMkey
CCOM_PSESetMkeyPath
CCOM_PSESetPassword
CCOM_PSESetPasswordCallback
CCOM_PSESetPath
CCOM_PSESetRand
CCOM_PSESetRandCallback
CCOM_PSESetRandPath
CCOM_PSESetSbox
CCOM_PSEWrite
CCOM_PrivateKeyFree
CCOM_PrivateKeyGetAlgorithm
CCOM_PrivateKeyGetEncoded
CCOM_PrivateKeyGetParameters
CCOM_PrivateKeyGetPublicKey
CCOM_PrivateKeyNew
CCOM_PrivateKeyRead
CCOM_PrivateKeyReadRaw
CCOM_PrivateKeySetEncoded
CCOM_PrivateKeySetPSE
CCOM_PrivateKeySetPassword
CCOM_PrivateKeySetPasswordCallback
CCOM_PrivateKeySetPath
CCOM_PrivateKeyWrite
CCOM_PrivateKeyWriteRaw
CCOM_PublicKeyFree
CCOM_PublicKeyGetAlgorithm
CCOM_PublicKeyGetEncoded
CCOM_PublicKeyGetParameters
CCOM_PublicKeyNew
CCOM_PublicKeyRead
CCOM_PublicKeyReadCertificate
CCOM_PublicKeyReadRaw
CCOM_PublicKeySetEncoded
CCOM_PublicKeySetPath
CCOM_PublicKeyWrite
CCOM_PublicKeyWriteRaw
CCOM_RandomBytes
CCOM_RandomClose
CCOM_RandomGetType
CCOM_RandomInit
CCOM_RandomInited
CCOM_SECRET_KEY_available
CCOM_SECRET_KEY_comp
CCOM_SECRET_KEY_dup
CCOM_SECRET_KEY_free
CCOM_SECRET_KEY_get
CCOM_SECRET_KEY_init
CCOM_SECRET_KEY_pull_out
CCOM_SECRET_KEY_read
CCOM_SecretKeyFree
CCOM_SecretKeyGenerate
CCOM_SecretKeyGetLength
CCOM_SecretKeyRandomBytes
CCOM_SelfTest
CCOM_SetInputEncoding
CCOM_SetLastError
CCOM_SetLastTokenError
CCOM_SetOutputEncoding
CCOM_SignCtrl
CCOM_SignDigest
CCOM_SignFinal
CCOM_SignFree
CCOM_SignGetDigestAlgorithm
CCOM_SignGetSignatureLength
CCOM_SignInit
CCOM_SignNew
CCOM_SignSetDigestAlgorithm
CCOM_SignUpdate
CCOM_TokenSetPasswordCallback
CCOM_VerifyCtrl
CCOM_VerifyCtxAddCA
CCOM_VerifyCtxAddCRL
CCOM_VerifyCtxAddTrustedCA
CCOM_VerifyCtxFree
CCOM_VerifyCtxGetFlags
CCOM_VerifyCtxNew
CCOM_VerifyCtxSetFlags
CCOM_VerifyDigest
CCOM_VerifyFinal
CCOM_VerifyFree
CCOM_VerifyGetDigestAlgorithm
CCOM_VerifyGetSignatureLength
CCOM_VerifyInit
CCOM_VerifyNew
CCOM_VerifySetDigestAlgorithm
CCOM_VerifyUpdate
CCOM_get_locked_mem_functions
CCOM_get_mem_functions
CCOM_set_leaks_file
CCOM_set_leaks_fp
CCOM_set_locked_mem_functions
CCOM_set_mem_functions
CCOM_set_memove_functions
CRYPTO_add_lock
CRYPTO_get_add_lock_callback
CRYPTO_get_id_callback
CRYPTO_get_lock_name
CRYPTO_get_locked_mem_functions
CRYPTO_get_locking_callback
CRYPTO_get_mem_functions
CRYPTO_get_new_lockid
CRYPTO_lock
CRYPTO_num_locks
CRYPTO_set_add_lock_callback
CRYPTO_set_id_callback
CRYPTO_set_locked_mem_functions
CRYPTO_set_locking_callback
CRYPTO_set_mem_functions
CRYPTO_set_memove_functions
CRYPTO_thread_id
ERR_get_errors
ERR_get_last_error
ERR_print_errors_file
ERR_print_errors_fp
ERR_remove_state
ERR_set_last_error
RAND_cleanup
RAND_crand
RAND_set_rand_method
RAND_set_stat_tests
is_etsdk
is_ibutton
is_iksdk
is_rutoken

Sections

.text
Size: 998KB - Virtual size: 997KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 464KB - Virtual size: 463KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 672KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SKZI/win64/ccom.dll.sig
SKZI/win64/scbrng.dll
.dll windows:6 windows x64 arch:x64

085dbcc32c91348c95c9b7e729e71a36

Code Sign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:02:50:2a:72:fd:f8:9f:c2:79:13:35
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

23/03/2020, 06:46

Not After

24/03/2023, 06:46

Subject

SERIALNUMBER=1027700239863,CN=SIGNAL-COM Joint-Stock Company,OU=IT,O=SIGNAL-COM Joint-Stock Company,STREET=Krutitskaya emb.\, 23,L=Moscow,ST=Moscow,C=RU,1.2.840.113549.1.9.1=#0c147369676e616c407369676e616c2d636f6d2e7275,1.3.6.1.4.1.311.60.2.1.2=#13064d6f73636f77,1.3.6.1.4.1.311.60.2.1.3=#13025255,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

88:47:bf:9d:bc:36:45:9e:56:89:24:50:86:5d:ad:25:ef:c3:92:86
Signer

Actual PE Digest

88:47:bf:9d:bc:36:45:9e:56:89:24:50:86:5d:ad:25:ef:c3:92:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

MsgWaitForMultipleObjects
MessageBoxA
PeekMessageA
DispatchMessageA
DispatchMessageW
PeekMessageW
GetMessageExtraInfo
DefWindowProcW
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
IsWindowVisible
GetRawInputDeviceList
GetRawInputDeviceInfoA
SystemParametersInfoW
SystemParametersInfoA
DrawTextW
SetFocus
GetDlgItem
EndDialog
DialogBoxIndirectParamW
PostMessageW
KillTimer
SetTimer
PostThreadMessageW
UnregisterDeviceNotification
RegisterDeviceNotificationW
GetMessageW
RegisterRawInputDevices
CreateIconIndirect
LoadCursorW
SetCursorPos
SetWindowRgn
CreateIconFromResource
GetParent
SetWindowLongPtrW
GetWindowLongPtrW
SetWindowLongW
PtInRect
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RemovePropW
SetPropW
SetForegroundWindow
GetFocus
SetWindowPos
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassW
SendMessageW
TrackMouseEvent
EnumDisplayMonitors
GetMonitorInfoW
EnumDisplayDevicesW
EnumDisplaySettingsW
ChangeDisplaySettingsExW
ReleaseDC
GetDC
MapVirtualKeyW
ToUnicode
GetKeyboardState
GetKeyboardLayout
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
SetClipboardData
GetClipboardSequenceNumber
CloseClipboard
OpenClipboard
GetDoubleClickTime
GetRawInputData
DestroyIcon
LoadIconW
GetWindowLongW
IsRectEmpty
ClipCursor
WindowFromPoint
ScreenToClient
ClientToScreen
GetClipCursor
GetCursorPos
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
GetPropW
ValidateRect
InvalidateRect
GetUpdateRect
GetMenu
GetSystemMetrics
GetAsyncKeyState
GetKeyState
IsIconic
TranslateMessage

gdi32

CreateRectRgn
DeleteDC
DeleteObject
SelectObject
GetTextMetricsW
GetTextExtentPoint32A
CreateFontIndirectW
BitBlt
SwapBuffers
SetPixelFormat
GetPixelFormat
DescribePixelFormat
ChoosePixelFormat
CreateBitmap
CreateCompatibleDC
CombineRgn
SetDeviceGammaRamp
GetDeviceGammaRamp
GetDIBits
GetDeviceCaps
CreateDCW
CreateCompatibleBitmap
CreateDIBSection

winmm

timeEndPeriod
timeGetTime
timeBeginPeriod

imm32

ImmGetIMEFileNameA
ImmGetContext
ImmReleaseContext
ImmAssociateContext
ImmGetCompositionStringW
ImmSetCompositionStringW
ImmGetCandidateListW
ImmNotifyIME
ImmSetCompositionWindow

ole32

CoUninitialize
CoInitializeEx
CoCreateInstance

oleaut32

SysFreeString

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

shell32

ShellExecuteW
DragAcceptFiles
SHGetFolderPathW
ExtractIconExW
DragFinish
DragQueryFileW

kernel32

RtlLookupFunctionEntry
RtlCaptureContext
ResetEvent
SetEvent
GetCPInfo
GetStringTypeW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
CreateEventW
SetLastError
DecodePointer
EncodePointer
MultiByteToWideChar
WideCharToMultiByte
AttachConsole
GetLocaleInfoA
GetSystemPowerStatus
MulDiv
CompareStringA
GlobalLock
GlobalUnlock
GlobalAlloc
VerifyVersionInfoW
FormatMessageW
RtlVirtualUnwind
TlsSetValue
TlsGetValue
TlsAlloc
SetThreadPriority
SetStdHandle
GetCurrentThread
CreateThread
RaiseException
IsDebuggerPresent
SetEnvironmentVariableA
GetEnvironmentVariableA
VirtualQuery
VirtualFree
VirtualAlloc
Sleep
CreateSemaphoreW
WaitForSingleObjectEx
ReleaseSemaphore
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
Process32Next
Process32First
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
InterlockedFlushSList
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
HeapAlloc
HeapFree
GetFileType
FlushFileBuffers
GetConsoleCP
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
CreateToolhelp32Snapshot
lstrcatW
LoadLibraryW
CreateDirectoryW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
VerSetConditionMask
GetProcessHeap
GetSystemInfo
GlobalMemoryStatusEx
TerminateProcess
ExitProcess
lstrlenW
GetCurrentProcess
SetThreadExecutionState
GetModuleHandleW
GetModuleFileNameW
GetTickCount
HeapSize
SetEndOfFile
GetCurrentThreadId
SetErrorMode
SetFilePointerEx
SetFilePointer
ReadFile
GetFileSizeEx
CreateFileW
WriteConsoleW
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
FreeLibrary
GetProcAddress
LoadLibraryA
GetStdHandle
WriteFile
OutputDebugStringW
GetLastError
lstrlenA
GetConsoleMode

Exports

Exports

Java_ru_signalcom_crypto_rand_CirclesAbstractHandler_startNativeCatcher
circles_entropy_gathering_cb

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 459KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SKZI/Документация/MAC-токен БИФИТ/MAC-token_BIFIT_Guide.pdf
.pdf
- https://support.microsoft.com/en-us/help/2510190/complete-data-from-a-smartcard-that-supports-extended-apdu-cannot-be-retrieved-in-windows-7-or-in-windows-server-2008-r2
SKZI/Документация/MAC-токен БИФИТ/Паспорт MAC-Токен BIFIT_NEW.pdf
.pdf
- http://bifit.com
SKZI/Документация/USB-токен Ангара/2017-01-30_ПП_Исп8_v1.pdf
.pdf
SKZI/Документация/USB-токен Ангара/2017-01-30_ФО_Исп8_v1.pdf
.pdf
SKZI/Документация/USB-токен Ангара/MS_Key_K_ANGARA_Guide.pdf
.pdf
SKZI/Документация/Крипто-КОМ 3.5/SERT_KK_3_5.PDF
.pdf
SKZI/Документация/Крипто-КОМ 3.5/ccrandreg.3.PDF
.pdf
- https://csrc.nist.gov/projects/random-bit-generation/documentation-and-software
- https://csrc.nist.gov/projects/random-bit-generation/documentation-and-softwareen-US
SKZI/Документация/Крипто-КОМ 3.5/rush.2.PDF
.pdf
SKZI/Документация/Крипто-КОМ 3.5/wipe.4.PDF
.pdf
SKZI/Документация/Крипто-КОМ 3.5/СКЗИ Крипто-КОМ 3.5. Подсистема управления ключевой информацией. Общее описание.0.PDF
.pdf
SKZI/Документация/Крипто-КОМ 3.5/СКЗИ Крипто-КОМ 3.5. Правила пользования. 1.PDF
.pdf
SKZI/Документация/Крипто-КОМ 3.5/СКЗИ Крипто-КОМ 3.5. Формуляр. 5.PDF
.pdf

Resubmissions

Sharing

General

Malware Config

Signatures

Files

0e35f04a72979fd38fc76c8d717a8ec1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 611KB - Virtual size: 611KB

.rdata Size: 407KB - Virtual size: 407KB

.data Size: 77KB - Virtual size: 384KB

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 36KB - Virtual size: 35KB

be57174b573f32e8a883decc57d65d8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 745KB - Virtual size: 745KB

.rdata Size: 409KB - Virtual size: 409KB

.data Size: 317KB - Virtual size: 625KB

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 39KB - Virtual size: 38KB

65b84cce7684d2ca539008618e7c7bd7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 745KB - Virtual size: 745KB

.rdata Size: 409KB - Virtual size: 409KB

.data Size: 317KB - Virtual size: 624KB

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 39KB - Virtual size: 38KB

c7886172e6a39662ffb1324a04379c58

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 893KB - Virtual size: 892KB

.rdata Size: 422KB - Virtual size: 421KB

.data Size: 320KB - Virtual size: 627KB

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 44KB - Virtual size: 43KB

f56357f72543e445b615e1353e70efde

Code Sign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

07:02:50:2a:72:fd:f8:9f:c2:79:13:35Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

e7:f3:20:00:2a:9d:13:5d:70:fd:53:48:e5:2c:13:36:23:39:b7:7cSigner

Headers

.text
Size: 611KB - Virtual size: 611KB

.rdata
Size: 407KB - Virtual size: 407KB

.data
Size: 77KB - Virtual size: 384KB

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 36KB - Virtual size: 35KB

.text
Size: 745KB - Virtual size: 745KB

.rdata
Size: 409KB - Virtual size: 409KB

.data
Size: 317KB - Virtual size: 625KB

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 39KB - Virtual size: 38KB

.text
Size: 745KB - Virtual size: 745KB

.rdata
Size: 409KB - Virtual size: 409KB

.data
Size: 317KB - Virtual size: 624KB

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 39KB - Virtual size: 38KB

.text
Size: 893KB - Virtual size: 892KB

.rdata
Size: 422KB - Virtual size: 421KB

.data
Size: 320KB - Virtual size: 627KB

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 44KB - Virtual size: 43KB

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

07:02:50:2a:72:fd:f8:9f:c2:79:13:35
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

e7:f3:20:00:2a:9d:13:5d:70:fd:53:48:e5:2c:13:36:23:39:b7:7c
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 345KB - Virtual size: 345KB

.data
Size: 17KB - Virtual size: 33KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 50KB - Virtual size: 50KB

.text
Size: 998KB - Virtual size: 997KB

.rdata
Size: 464KB - Virtual size: 463KB

.data
Size: 362KB - Virtual size: 672KB

.pdata
Size: 55KB - Virtual size: 55KB

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 14KB - Virtual size: 14KB

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

07:02:50:2a:72:fd:f8:9f:c2:79:13:35
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

88:47:bf:9d:bc:36:45:9e:56:89:24:50:86:5d:ad:25:ef:c3:92:86
Signer

.text
Size: 1.4MB - Virtual size: 1.4MB

.rdata
Size: 459KB - Virtual size: 458KB