3cb3ee487c893bbc835892e2a10e0d89

Sharing

Copy URL

Twitter E-mail

General

Target

3cb3ee487c893bbc835892e2a10e0d89
Size

618KB
MD5

3cb3ee487c893bbc835892e2a10e0d89
SHA1

cbb8b419589f94cbbdfda120d0fe84ab438cf314
SHA256

14e693e6ccc07ac0d3c326bc3898b1de9043925ea2a078fcbcddbf8125cc2320
SHA512

b9c67aa4dc40b0108d91700516be4450c4280b49fea67c8d91b610e597f3cbda8ced4e57ec07321f913a04b46486dda7522c284e7b189a0093eb14f88f694f59
SSDEEP

12288:VwnwzwWdzkfGrCit5CI1jhywbuowPa3u4uc65Jv0q4n7ENhMs:Kwzw0CkIc9wS3u4g5JoEX

Score

1^/10

Malware Config

Signatures

Files

3cb3ee487c893bbc835892e2a10e0d89
.exe windows:4 windows x86 arch:x86

8d3eaa3fe3a08913f986000adfb11c3d

Code Sign

25:95:e9:af:2c:4d:1e:db:85:26:a0:0c:99:35:7f:23
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2015 00:00

Not After

24-05-2016 23:59

Subject

CN=Minimus,O=Minimus,POSTALCODE=236022,STREET=ul. Repina\, 46\, 12,L=Kaliningrad,ST=Kaliningrad Region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

88:04:10:83:51:a7:41:f8:76:3b:78:6a:46:0a:a0:01:36:10:55:26
Signer

Actual PE Digest

88:04:10:83:51:a7:41:f8:76:3b:78:6a:46:0a:a0:01:36:10:55:26

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

DragObject
BringWindowToTop
EmptyClipboard
OemToCharW
RegisterDeviceNotificationW
SetClipboardData
WaitMessage
ToUnicode
MoveWindow
GetKeyState
SendMessageCallbackA
GetGuiResources
GetWindowTextLengthA
SetWindowPos
GetClientRect
IsCharUpperA
CreateMDIWindowA
LoadKeyboardLayoutA
GetMenuBarInfo
SetClassLongA
ShowWindowAsync
GetCapture
DrawTextExW
wsprintfA
IsMenu
GetKeyboardLayoutNameA
UnloadKeyboardLayout
LoadCursorFromFileA
AdjustWindowRectEx
SetMenuItemInfoA
DefFrameProcW
GetWindowThreadProcessId
MessageBoxTimeoutW
GetMessageA
EnumDisplaySettingsW
CopyAcceleratorTableA
GetClipboardFormatNameA
SubtractRect
SendMessageTimeoutW
OemToCharBuffW
RegisterClipboardFormatA
DrawIcon
SetMenuInfo
CreateCursor
ShowCaret
LoadStringA
LoadCursorW
SetClassLongW
GetTabbedTextExtentA
GetAncestor
UnhookWindowsHook
GetClassInfoExW
LoadCursorFromFileW
GetListBoxInfo
ShowOwnedPopups
EnumDesktopsW
DefDlgProcW
SystemParametersInfoA
DlgDirListW
SystemParametersInfoW
FindWindowW
MessageBoxTimeoutA
PeekMessageW
HideCaret
MessageBoxIndirectW
GetKeyboardLayoutNameW
CloseDesktop
GetUserObjectInformationW
ActivateKeyboardLayout
OpenInputDesktop
ModifyMenuW
PostThreadMessageW
GetKeyboardState
SetDlgItemTextW
GetMenuItemInfoA
RealGetWindowClassA
GetUpdateRgn
IsDialogMessageA
UnregisterHotKey
GetMonitorInfoW
GetWindowWord
GetCursorPos
FindWindowA
IsWindow
EqualRect
EnumThreadWindows
IsDlgButtonChecked
GetMessagePos
EnumDesktopsA
CreateDialogIndirectParamW
UpdateWindow
GetClipboardFormatNameW
BroadcastSystemMessageExW
InsertMenuA
BroadcastSystemMessageExA
GetSystemMetrics
TranslateMessageEx
GetScrollInfo
GetMessageTime
MessageBoxW
IsCharAlphaNumericW
OpenWindowStationW
SetCaretPos
GetWindowTextW
SetWindowWord

kernel32

SetFileApisToANSI
CreateProcessA
lstrcmpiW
SetErrorMode
ReplaceFile
IsBadStringPtrA
AddAtomW
EnumResourceNamesA
HeapReAlloc
GetCalendarInfoW
FindFirstFileExW
SetFileShortNameA
VerLanguageNameA
SetFileApisToOEM
ClearCommError
CloseProfileUserMapping
CancelIo
GetLargestConsoleWindowSize
SetComputerNameW
CreateDirectoryW
GetPrivateProfileIntW
WinExec
GetThreadContext
GetFileInformationByHandle
ReadConsoleOutputCharacterW
GetModuleHandleExA
GetConsoleCursorInfo
GetPrivateProfileStringW
ClearCommBreak
GetEnvironmentStrings
RemoveDirectoryW
WaitNamedPipeA
GetStringTypeExW
SetEnvironmentVariableW
LZInit
CompareStringW
Heap32First
BuildCommDCBAndTimeoutsA
CreateProcessInternalA
FileTimeToLocalFileTime
WriteConsoleOutputW
ScrollConsoleScreenBufferW
OpenEventA
FindClose
GetDiskFreeSpaceExW
ConnectNamedPipe
EnumSystemLanguageGroupsW
WaitForSingleObject
CreateTimerQueue
MapUserPhysicalPages
GetOEMCP
GetProfileIntW
FlushConsoleInputBuffer
GetNamedPipeHandleStateW
GetThreadSelectorEntry
LocalSize
GetStringTypeW
GetTimeFormatW
CreateFileW
GetProcessTimes
ConvertDefaultLocale
GetConsoleKeyboardLayoutNameW
PulseEvent
FindFirstVolumeMountPointA
lstrcpyn
lstrcpyA
QueryDosDeviceA
ExpandEnvironmentStringsA
WaitForMultipleObjectsEx
GetConsoleFontInfo
GetDriveTypeW
GetTimeZoneInformation
FindFirstChangeNotificationW
GetACP
GetLastError
ConvertDefaultLocale
VirtualQuery
LoadLibraryA
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

comdlg32

FindTextA
PageSetupDlgA
ChooseFontA

shell32

ShellExec_RunDLL
InternalExtractIconListW

Exports

Exports

'ht-�q�r�~��뇢��v�(�{�0ayA a��a�*j��@2'�.?"��}��ݒ��,Ч�o�W��!��M�C�M��枖�0ǍL�!!�w�ź�š��DjDl�=rmF�F�B��{�؛��!��y�Fn ��w )7DZ�+�42��x�?�&��`C�78do�p�yF��wx��T��J�x�[��X=��>�-#�)"�W��?gcx��hk�p�1]�O�]�;�ϏϚ,q��v~�v��,��۲��D{䜨NN�P�)W>X�B�3y��O@�\�y��x�Ʉ7mju;�� 2�]R��t��n��6�`e��_|�Z�U��d��Ï��ؓ%�pY�� sqP��?�`��M��Ct9�N�x��u��.](Sw�4@S��.��h;�+�X�c췫��l��m1��'��8�34��Ԍ)��q��*��ˁ�?��d�B��Fe�fr��rt�kY��~�-��Ԟ��[�C��q��-~ &�l��mxj�`<�?� �lpH�< y�G�*�g��d�9�[��&�m��z9�%��!��~a��p%�:��w��Y�U��δ��o�,��EZў�huw^5p�魟��Y�n��>��~�TФ Ԯ民7?s��֫�4�� uLcH�44��[��%�F-ث� ~M9�{�o��8��z��4?�^��Fnko�Ҍ�}Q ��S@��Д\��hERI��U��DMeT�l�؟��pZh�v�K��JN��Nkǻ��<W��$��r��kQ@�ØF 15G�5m��i�Φ� ��4�kBOnZ9��9��=�8MD��&LN0�\ɶ d�d�cD ��-��t�s�`7�R�_�� ɛ��wؿܹ!�z~4ky/իQ��h��j�\1��5Y�ʰE2�g�צ��f�9�JH��V��O׋��h�֣�l�|�@��h0G�0��m��]�?W@<�s�-՞��6� ��_PG��Ή��3y��!��u!�My��,[�D�>H��0�S��ўfp��v�nLH�NZ�n.�/�i3*��d��R�b_��=I�uU�e�x�c�M�#�17��ӆ��p��T�X>(�\ Cg7F'io�II�Ç��b��_�:観x/g>� `6�~h��h��2��L�0��f� C"�`�`�/[��SIR3�ЇiZ�.��F�_w�s�)Y�=�Ho�)��G'��=��f��@��MP7 ��=��[H�$�^��t��5�ň@�.��r��հ<��e��mS�,��4d4ǂ��A�v��R�hm�}�$�.�P��s�V��P�ڃ��Ä��O�V].f�!�SY=eˎԯ�7��K�?H�ޚ��9j��}�]�'H$M�~��*{��:�$s�r|Umf�.Q�Opy�Л`V��`��1m��N[#'�m�G�cKi��E��P�?��檈2�͙c6`��:�W�+�P��>�QO Ԅ ��gx�� j�W��Cn�J��@n��5�� d��9�(&�3^�+�G��Hz��x'52�A��f�c�3KuCB7=��J�|`��eА��꠵�� k:k��b%�u��O�Pz??�}��2��R�j�.�(u�԰��bNgr~RӣmeW��ڕӿ�m��=��rn�VI�� v��@C�a�L(�s�2T~��#�,59�س[ ��K��EK�^b�T�zx�߁��w#�Ɛ%��5��g��&��&��\�#��s��)�l]��W�SJ1��FaÈ�Ђ��ʙ�bG��T�k��Ál�5��!��mog�.-j^��<@/��H�(��0�I�u�Hj��r��o��P�G2�Y8&��bWO77�d��18о��E��ܫ%d��R3p��`��B.��(V �r0:r�d�,��i,<I[��J��T�i��]� ^*�n'�:榾J��3�_��P�T��e��V �e 4��5�� A&�_'��Qߪ�p0)'Iϫ��/8��9��<(�gth�ՙ�Ɍ�S[��KS9(��X��ٵ ��Ǳ�ƈ�B_��ao�J��1n�wЊ�6�U��8�pK)��,��/� �Pi�G�� z�{��I'T�˭�p4��zM6'��r�\� �%��.��/A��'G�B#��>�a) �/��Z��a�\��#X�~~�zx4��!��!��;�-�ܘ�.��IjiU��_uv|��_�Lu#��]�5��4�R,y��iZ�D�Ά��좂��N��D/�%R%�[��C��mF|o� ��W�_��!'��٣� ⷙ�2R� IE>/4��:|r�k!d�3��^�ȃ�J�$��(�ЕAe��+��~D��o=//?H��rƑT\��?kd��5�}9 � ]�#��>"�Z{�� ~ X�p��-$�_��x?F_��HW��ӊ!c�]�;�L��oѩ��ħb��$�&�oG�蘫j�ep��L6�z��@�~�j��a�|z��7 �T��# ��Ef��-�G�� ;uM0&��&��6i�@��\Bmet��-�H� ��S}�P'��3��{嫒C��/�S`j��KHc�*p��ߖ�PG�]`q m[Uޱ��è��ߗ��@W�\|!�tS��[�p� ��7ѝx��\݆�@2�zq&?6�q��K��<�^�E� �%��|?T�%@�}�8�PD>`��cp��4�JS�y݆ߕ1��t \3(s��7��+f��{M��}��a�)�p��%�b� �!��j��

Sections

CODE
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 821B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d3eaa3fe3a08913f986000adfb11c3d

Code Sign

25:95:e9:af:2c:4d:1e:db:85:26:a0:0c:99:35:7f:23Certificate

Extended Key Usages

Key Usages

88:04:10:83:51:a7:41:f8:76:3b:78:6a:46:0a:a0:01:36:10:55:26Signer

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

shell32

Exports

Exports

Sections

CODE Size: 441KB - Virtual size: 440KB

DATA Size: 19KB - Virtual size: 18KB

BSS Size: - Virtual size: 821B

.idata Size: 5KB - Virtual size: 4KB

.text0 Size: 19KB - Virtual size: 19KB

.tls Size: 512B - Virtual size: 24B

.text1 Size: 71KB - Virtual size: 70KB

.reloc Size: 6KB - Virtual size: 5KB

.rsrc Size: 53KB - Virtual size: 53KB

25:95:e9:af:2c:4d:1e:db:85:26:a0:0c:99:35:7f:23
Certificate

88:04:10:83:51:a7:41:f8:76:3b:78:6a:46:0a:a0:01:36:10:55:26
Signer

CODE
Size: 441KB - Virtual size: 440KB

DATA
Size: 19KB - Virtual size: 18KB

BSS
Size: - Virtual size: 821B

.idata
Size: 5KB - Virtual size: 4KB

.text0
Size: 19KB - Virtual size: 19KB

.tls
Size: 512B - Virtual size: 24B

.text1
Size: 71KB - Virtual size: 70KB

.reloc
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 53KB - Virtual size: 53KB