13fdc0936bdaf9ea16a835a8613c93d7

Sharing

Copy URL

Twitter E-mail

General

Target

13fdc0936bdaf9ea16a835a8613c93d7
Size

548KB
MD5

13fdc0936bdaf9ea16a835a8613c93d7
SHA1

4fd41b82775b3634c8596d54411e468d7518874c
SHA256

7f004fc9647c3b093cf2d6570eebafefc9065c25e807087c181dea67eb8929c0
SHA512

9bcea57659f7161bf69e2e96996802c7cb05b993c0f1fa1d216b5e315069b13390bc54af1c491c366a2f0dd101d078cb7b8ecba251e19abab5397c399c1c79f2
SSDEEP

12288:K9ZJDlqLndany+hsvKBnBV6E0MVmlCbWArAmu:K7JDmndanBh1nWaVm8bWr3

Score

1^/10

Malware Config

Signatures

Files

13fdc0936bdaf9ea16a835a8613c93d7
.exe windows:4 windows x86 arch:x86

e256e54c50f73d8feb8ade8c896bbe93

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24/08/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

e4:28:e5:15:10:5d:c0:bf:7b:1f:c4:38:42:3f:e8:cf
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

20/11/2014, 00:00

Not After

20/11/2015, 23:59

Subject

CN=Computer-service OOO,O=Computer-service OOO,POSTALCODE=188320,STREET=Area Gatchina\, 36,L=Kommunar,ST=Leningradskaya oblast,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

37:07:d1:6d:b6:43:01:96:eb:e3:8f:a6:4e:95:53:8a:61:58:f1:88
Signer

Actual PE Digest

37:07:d1:6d:b6:43:01:96:eb:e3:8f:a6:4e:95:53:8a:61:58:f1:88

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
Sleep
VirtualFree
GetProcessHeap
SetThreadPriority
GetProcAddress
OpenEventW
GetModuleHandleA
LCMapStringA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
RaiseException
FlushFileBuffers
HeapSize
LocalLock
VirtualAllocEx
VirtualAlloc
SetStdHandle
SetFilePointer
ExitProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
HeapFree
CloseHandle
CreateFileA
HeapAlloc
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
SetEndOfFile
ReadFile
LCMapStringW

user32

DestroyWindow
ShowWindow
LoadImageA
LoadBitmapA
GetDC
PostMessageA

gdi32

RestoreDC
SelectObject
CreateCompatibleDC

secur32

SetContextAttributesW

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 472KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e256e54c50f73d8feb8ade8c896bbe93

Code Sign

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bbCertificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

e4:28:e5:15:10:5d:c0:bf:7b:1f:c4:38:42:3f:e8:cfCertificate

Extended Key Usages

Key Usages

37:07:d1:6d:b6:43:01:96:eb:e3:8f:a6:4e:95:53:8a:61:58:f1:88Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

secur32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 472KB - Virtual size: 475KB

.rsrc Size: 8KB - Virtual size: 7KB

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

e4:28:e5:15:10:5d:c0:bf:7b:1f:c4:38:42:3f:e8:cf
Certificate

37:07:d1:6d:b6:43:01:96:eb:e3:8f:a6:4e:95:53:8a:61:58:f1:88
Signer

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 472KB - Virtual size: 475KB

.rsrc
Size: 8KB - Virtual size: 7KB