76fd308e3b00d0c8c0ab63b2c0163e81

Sharing

Copy URL

Twitter E-mail

General

Target

76fd308e3b00d0c8c0ab63b2c0163e81
Size

681KB
MD5

76fd308e3b00d0c8c0ab63b2c0163e81
SHA1

8313cf98c95cd15b99026a3e0d98c831b1e58a05
SHA256

22fc9592cd6347b675a4b7787e3e202f75544ce63eecbaec934b1abab9d42304
SHA512

3c8370251f1e956ab1d6b5cd3ce961a9e28f65d3de1491525d5e4f74e0a127ae1ff5699a6b10e7c5920e603a9a1cce4453b1d775f31d7613fd21d9b4bbfbfb0b
SSDEEP

12288:NmPBi672nTZtB5uxb7K0XMO4UmtBLYIk+FU:NlR7vaMvvk+FU

Score

1^/10

Malware Config

Signatures

Files

76fd308e3b00d0c8c0ab63b2c0163e81
.exe windows:4 windows x86 arch:x86

7e85430d3c19bd02d67e2653c29e89c3

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

81:b9:12:c7:b2:e2:52:f9:f5:7d:ec:fa:ae:e1:52:c5
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

05-06-2015 00:00

Not After

04-06-2016 23:59

Subject

CN=PROSTOR,O=PROSTOR,POSTALCODE=614000,STREET=ul. Ekaterininskaya 96,L=Perm,ST=Perm region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2d:f5:83:e1:28:b6:29:6e:1c:fa:c4:0b:89:98:8e:51:7f:8f:58:09
Signer

Actual PE Digest

2d:f5:83:e1:28:b6:29:6e:1c:fa:c4:0b:89:98:8e:51:7f:8f:58:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

CharUpperA
GetClipboardData
GetDialogBaseUnits
GetMenuItemID
GetSubMenu
CallNextHookEx
ToAsciiEx
GetSysColorBrush
IsCharAlphaA
GetClipCursor
CreateMDIWindowA
CreateIconFromResourceEx
CallMsgFilterW
MenuItemFromPoint
UnionRect
TranslateAcceleratorW
LoadMenuW
GetMenuDefaultItem
SetPropA
GetUserObjectInformationW
DlgDirListA
AllowForegroundActivation
ShowWindowAsync
PrivateExtractIconsW
IsCharAlphaW
SetProgmanWindow
GetLastActivePopup
UnhookWindowsHook
GetUserObjectInformationA
SetMenuItemBitmaps
CheckMenuItem
GetWindowInfo
DefWindowProcW
OpenInputDesktop
EnumWindowStationsW
DefFrameProcA
SetWindowWord
SetWindowsHookA
EndTask
GetSystemMetrics
MonitorFromRect
GetMouseMovePointsEx
SetMenuItemInfoW
OpenDesktopA
MapVirtualKeyA
UpdateLayeredWindow
GetSystemMenu
CreateDialogIndirectParamA
DragObject
DefDlgProcA
GetClipboardViewer
RegisterDeviceNotificationW
CharNextExA
DrawEdge
GetGUIThreadInfo
DrawStateW
SetWindowsHookExA
GetTabbedTextExtentA
CharPrevExA
GetPropW
RegisterClipboardFormatW
WinHelpW
AnimateWindow
DrawMenuBar
GetClientRect
CopyRect
LoadMenuA
SetUserObjectInformationA
GetShellWindow
GetDCEx
DrawTextW
FindWindowExA
GetForegroundWindow
GetCaretPos
BroadcastSystemMessageA
EnableMenuItem
PostQuitMessage
SetScrollRange
ChangeMenuW
EnumDisplayMonitors
ModifyMenuW
CopyAcceleratorTableA
GetWindowTextW
CharLowerBuffW
DestroyMenu
LoadCursorFromFileA
LoadCursorFromFileW
LoadBitmapW
TrackMouseEvent
EnumDisplaySettingsW
CharToOemA
InvalidateRect
SetWindowPos
SetCursorContents
EnumDesktopsA
GetWindowTextLengthA
LockWorkStation
CheckDlgButton
CallWindowProcW
GetMenuItemInfoA
CloseClipboard
DrawAnimatedRects
GetMonitorInfoA
DrawTextExW
wvsprintfA
GetAsyncKeyState
CharLowerW
FindWindowExW
SetMenu
GetRawInputDeviceInfoA
GetWindowPlacement
IsCharAlphaNumericW
SendDlgItemMessageW
OemKeyScan
SendDlgItemMessageA
OemToCharA
ActivateKeyboardLayout
SetKeyboardState
OffsetRect
FindWindowW
GetKeyboardState
CharToOemW
PrivateExtractIconsA
SetWindowsHookW
PeekMessageA
SetDoubleClickTime
EqualRect
GetMessageW
GetScrollBarInfo
RemovePropA
ChangeDisplaySettingsExW
GetWindowTextA
CreateAcceleratorTableA
CreatePopupMenu
SetCursor
GetClipboardFormatNameW
GetScrollInfo
SendMessageCallbackA
GetInternalWindowPos
GetTabbedTextExtentW
GetClassLongA
InsertMenuItemA
ShowCursor
CloseWindowStation
UnregisterDeviceNotification
InflateRect
SetFocus
GetAncestor
LoadAcceleratorsW
DlgDirListW
ShowOwnedPopups
GetMenuItemInfoW
GetKeyNameTextA
GetUserObjectSecurity
GetClassLongW
PostThreadMessageW
FindWindowA
GetKeyState
wsprintfW
SetWindowLongW
FrameRect
SetDlgItemTextA
GetWindowLongA
DrawTextW

comdlg32

ReplaceTextA
PageSetupDlgA
PageSetupDlgW
WantArrows
ChooseFontW
dwLBSubclass
CommDlgExtendedError
GetFileTitleA
ReplaceTextW
PrintDlgW
GetFileTitleW
FindTextA
PrintDlgA

oleaut32

VarI1FromUI1
VarCmp
SetVarConversionLocaleSetting
VarDateFromUI4
VarFormat
SysAllocString
VarDecFromR8
VarDateFromI8
VarFormatPercent

gdi32

GdiConvertAndCheckDC
GdiGetLocalBrush
PlgBlt
GdiCreateLocalMetaFilePict
GetFontResourceInfoW
SetICMProfileW
SetDCBrushColor
ResetDCA
RemoveFontResourceA
ResizePalette
EngMarkBandingSurface

comctl32

ImageList_EndDrag
ImageList_Merge
ImageList_Read
ImageList_DrawEx
CreatePropertySheetPageA
PropertySheetW
CreateStatusWindowA
UninitializeFlatSB
PropertySheet
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_GetImageCount

kernel32

ConvertDefaultLocale
GetProcessHeap
GetVersion
LoadLibraryExA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Sections

CODE
Size: 447KB - Virtual size: 448KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7e85430d3c19bd02d67e2653c29e89c3

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

01Certificate

Key Usages

81:b9:12:c7:b2:e2:52:f9:f5:7d:ec:fa:ae:e1:52:c5Certificate

Extended Key Usages

Key Usages

2d:f5:83:e1:28:b6:29:6e:1c:fa:c4:0b:89:98:8e:51:7f:8f:58:09Signer

Headers

File Characteristics

Imports

user32

comdlg32

oleaut32

gdi32

comctl32

kernel32

Sections

CODE Size: 447KB - Virtual size: 448KB

DATA Size: 13KB - Virtual size: 20KB

.idata Size: 15KB - Virtual size: 16KB

.text0 Size: 17KB - Virtual size: 20KB

.tls Size: 512B - Virtual size: 4KB

.text1 Size: 74KB - Virtual size: 76KB

.reloc Size: 7KB - Virtual size: 8KB

.rsrc Size: 99KB - Virtual size: 99KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

01
Certificate

81:b9:12:c7:b2:e2:52:f9:f5:7d:ec:fa:ae:e1:52:c5
Certificate

2d:f5:83:e1:28:b6:29:6e:1c:fa:c4:0b:89:98:8e:51:7f:8f:58:09
Signer

CODE
Size: 447KB - Virtual size: 448KB

DATA
Size: 13KB - Virtual size: 20KB

.idata
Size: 15KB - Virtual size: 16KB

.text0
Size: 17KB - Virtual size: 20KB

.tls
Size: 512B - Virtual size: 4KB

.text1
Size: 74KB - Virtual size: 76KB

.reloc
Size: 7KB - Virtual size: 8KB

.rsrc
Size: 99KB - Virtual size: 99KB