f721aaaa075ac8d89d661a3e35c510b9

Sharing

Copy URL

Twitter E-mail

General

Target

f721aaaa075ac8d89d661a3e35c510b9
Size

596KB
MD5

f721aaaa075ac8d89d661a3e35c510b9
SHA1

043579d2037795af01dd7b6ea8ad38ceccc3f0ef
SHA256

2040dc94db1d445d2e9abaab2468edaf4dc97dbceb6d1be24ab7613ddb1b9c5f
SHA512

fbe9141d73f8a4ebaec1e2eaf14b99f31eef90f4d2d70e3893081a64a1ee898706572638f5da46650df7da06853ddc20d8406d70d1783cfa1fac1fcc700286a2
SSDEEP

12288:iiIZnlZN6aKaZ3Ija+f05qkFvyy+Aot68dWbA3V7D:IZnlOvaZ3R+0v6Pt68dWGV7D

Score

1^/10

Malware Config

Signatures

Files

f721aaaa075ac8d89d661a3e35c510b9
.exe windows:4 windows x86 arch:x86

6ccbb37149bc2278c966a2f3f769a4ea

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9c:39:5a:86:d9:1d:a6:3b:ac:9c:ef:69:4a:77:2b:43
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

20-05-2015 00:00

Not After

19-05-2016 23:59

Subject

CN=PKK OOO,O=PKK OOO,POSTALCODE=241037,STREET=103 ul.Krasnoarmeiskaya,L=Bryansk,ST=Bryansk Region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a0:98:99:2c:a4:24:74:d8:7d:f0:9c:fa:06:b5:22:05:5b:ee:32:34
Signer

Actual PE Digest

a0:98:99:2c:a4:24:74:d8:7d:f0:9c:fa:06:b5:22:05:5b:ee:32:34

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

ArrangeIconicWindows
SetWindowWord
PostMessageW
ScrollWindow
SetRectEmpty
CharNextA
RegisterClipboardFormatA
IsDialogMessage
PostQuitMessage
SetSystemCursor
DispatchMessageA
CreateMDIWindowW
LoadAcceleratorsA
CharToOemW
SetUserObjectInformationA
AdjustWindowRectEx
CharToOemA
SwitchDesktop
ToAsciiEx
GetMessageW
CascadeWindows
CreateDialogParamA
SetClipboardData
CreatePopupMenu
GetAncestor
DeleteMenu
ModifyMenuW
SendMessageCallbackW
InsertMenuW
FrameRect
GetMenuStringW
GetDesktopWindow
GetScrollBarInfo
BroadcastSystemMessageW
GetWindowDC
GetAsyncKeyState
CloseClipboard
SendMessageW
GetMessagePos
SetWindowTextW
EnumDesktopsW
MenuItemFromPoint
SetMenuDefaultItem
EnumPropsExA
GetTitleBarInfo
EnableScrollBar
GetKeyboardState
SetWindowsHookW
GetWindowThreadProcessId
OpenDesktopW
RegisterClipboardFormatW
ReleaseDC
CreateIcon
CopyRect
GetActiveWindow
GetLastInputInfo
SetWindowPlacement
GetMenuDefaultItem
GetListBoxInfo
ChangeMenuW
SendDlgItemMessageA
MonitorFromWindow
SetClassWord
GetClassWord
SendMessageTimeoutW
TranslateMessageEx
DrawStateW
CallWindowProcW
DestroyMenu
OpenDesktopA
TranslateAcceleratorW
IsMenu
GetTabbedTextExtentA
SetSystemMenu
GetMonitorInfoW
AlignRects
GetClipboardViewer
ShowScrollBar
MessageBoxA
DrawIconEx
EnumDisplaySettingsW
EnumPropsA
GetPropA
GetWindowContextHelpId
SetPropA
CharUpperA
FillRect
DrawMenuBarTemp
OffsetRect
IsWindowEnabled
SendNotifyMessageA
LoadKeyboardLayoutA
CreateMDIWindowA
DialogBoxIndirectParamA
GetUpdateRect
ShowWindowAsync
CreateIconFromResourceEx
DispatchMessageW
GetThreadDesktop
ValidateRgn
SetForegroundWindow
CharPrevExA
SystemParametersInfoA
ChangeDisplaySettingsW
DrawStateA
SetDlgItemTextA
DragObject
GetUserObjectInformationA
ActivateKeyboardLayout
IsDialogMessageW
SetPropW
RegisterClassExW
EndDialog
CharNextW
DrawTextA
RedrawWindow
DialogBoxParamA
GetMenuStringA
GetMouseMovePointsEx
GetMenuItemInfoA
IsWindowVisible
MenuWindowProcW
SubtractRect
InsertMenuA
LoadCursorFromFileA
LoadStringW
LoadIconA
DrawFrame
TileWindows
SetDebugErrorLevel
GetComboBoxInfo
ChildWindowFromPoint
ShowOwnedPopups
DestroyIcon
GetProgmanWindow
SetActiveWindow
GetClipboardData
ClipCursor
SetThreadDesktop
wsprintfW
SendInput
TabbedTextOutW
FindWindowW
GetWindowTextLengthW
CheckMenuItem
FindWindowExW
WaitMessage
DefWindowProcW
IsCharAlphaA
SetCursorPos
CharUpperBuffW
SetClassLongW
CloseDesktop
SetMenuInfo
SetWindowTextA
BeginPaint
ScreenToClient
GetRawInputDeviceInfoA
MapVirtualKeyA
GetInputState
SetLayeredWindowAttributes
DefDlgProcW
InflateRect
DrawAnimatedRects
EnumDisplaySettingsExW
CascadeChildWindows
CheckRadioButton
GetMenuItemID
KillTimer
ShowCursor
SetCapture
ChangeMenuA
GetUserObjectInformationW
GetWindowTextW
DestroyCursor
GetClipboardOwner
PrivateExtractIconExA
GetWindowInfo
UpdateLayeredWindow
DestroyAcceleratorTable
IsCharAlphaW
UnregisterDeviceNotification
CopyAcceleratorTableA
SetProgmanWindow
CopyAcceleratorTableW
DrawTextExW
PtInRect
CreateIconIndirect
EnumClipboardFormats
LoadImageW
GetDlgItemTextW
DefFrameProcA
BringWindowToTop
SetRect
CreateDialogIndirectParamA
GetSystemMenu
RegisterWindowMessageA
CreateCaret
IsWindowUnicode
EnumDesktopsA
EmptyClipboard
UpdateWindow
GetClassInfoExA
GetAltTabInfoW
GetDC
GetWindowTextA
CharUpperW
IsCharUpperA
ScrollChildren
IsZoomed
wsprintfA
FlashWindow
FindWindowA
DlgDirListA
LoadMenuIndirectA
CallMsgFilterW
GetWindowRgnBox
SetScrollInfo
InvertRect
SetFocus
SetMenuItemInfoW
ReleaseCapture
GetMenuItemInfoW
GetWindowModuleFileNameA
LoadKeyboardLayoutW
IsIconic
DlgDirSelectExA
SetInternalWindowPos
MessageBoxTimeoutW
GetFocus
AdjustWindowRect
InsertMenuItemA

shlwapi

PathRemoveBlanksA
StrTrimA
UrlIsNoHistoryW
SHRegQueryInfoUSKeyW
SHCopyKeyA

ole32

IsValidInterface
CoGetApartmentID
OleRegEnumVerbs
CoGetInterceptor
OleCreateLinkToFile

comdlg32

ReplaceTextW
PageSetupDlgW
ChooseColorA
GetFileTitleA

oleaut32

SafeArraySetIID
VarR8FromR4
VarCyFromUI2
SafeArrayDestroyData

winspool.drv

SetPrinterA

advapi32

StartTraceW

gdi32

CombineTransform
GetStringBitmapA
GetGlyphOutlineWow

ws2_32

WSAStringToAddressA
WSAEnumProtocolsA
WSAAsyncSelect
WSAInstallServiceClassA
WSAGetServiceClassNameByClassIdA

comctl32

CreateStatusWindowW
PropertySheet
FlatSB_GetScrollInfo
ImageList_SetDragCursorImage
ImageList_Destroy
ImageList_Read
InitCommonControls

kernel32

GetCurrentThreadId
GetVersion
LoadLibraryExA
GetTickCount
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

Exports

Exports

[�̊(?��~a[T��9�^9k�P߶��fP�Y��/ q�f��Cɍ�ȷ�8��/l��擄mJJ�ע��AT�6�>��+K�mQ��ȡ� ��M�w+1��,�y2W�o�R��xg"�P��F��ζ��J,X�ܓ�� $�*o�"� Gݛ'�-��c�;1wmR�z�fཱི�xRm��+s ��ea��`1)�Y�Y��l��l��B�_/��r:��}�� ,i%�7g,։kU f��O��D[��|U(�!��Ѧg_NP0��2e�<@�5��d��*��X��Z��i��|Zx�*jQ� ��x*x�4sF-��b�!�<~�X�n-#!F��u�� g[\�_�=�%��t��$��Fu>[��q@��i+��/��h��j�D](�1<�26L�4 DFj��sCz^Y��^�D�� !ܳ�-��>�* �g�VO�ٍ�xfJ)��2k��Q ��U��Rq��t��SڰH��c�F��^�f:��H�c+N�E8n�Q�K�h#�P��Z��3��u[��%9�hE�<R��(��B��p�V$��^��oO��I�9��Ŝ��n=��M�薲�!!��'v�j��l��lO��ʬ{&��rd�}a��6��>Y��Y�q:��ȃ�|b2��JQ��-�T['�J��:��b$�63��n)*}�s�\��8��aJ�/�"��`�sʩQ˟<��/I;_1(��EM�(�~0��f��#L��Q!K��0y�W��v@-Y�)��H�'�;C�/P�ؿ �& �zT��O��G��RIP�&Mt!%��Ϛ?VU��sqHօF;�[ו��Eev��qB�[��J�� d%�Z��ƒ�!��NL�0��6�^A�a�>�a��IY��'&��%��d��-c��w3�^#j�S<l6�a��U�o3�w9�� !��q��Er��CM�O��І�Р�~І� 3�R��Jǻ�(�dM��\�*��4+I��{e)� ��6��1��}�>R��E(e��R��X��z�܀��?�}I��l��*��:h]�ܹ��I��@��*�EUGJ��;,5,B��8��HD�pa��<�e��k��(��U��%^v\k��a�1�k��kbj D��pF{�Q�"��ۭ��MO�]`saL��%h�:�~Rৱ0��T�_�@\lgj+>TJAG��& �L y`ʛW�4��h�휥z𒘯}��A�d��>��$4�Dn��;X�n��Q^��3��`�]ê�Wmq�A�$��r��"qB�g��X��c��~秢�甸��B4��1��y��@��iD�� XٔS�żA��v�D��[�Te��_1��N��(��t'��J>Cu,o7Z�߶�i܋�� G��g�Հx�4��l\}F`��ՕA$��\c1�b��w��ڥ�9g1bO��3բ�n��u@��6l�=��ɯy�,�!�m�9s��Q"�� .! ��{l �,��c�D� m�g�A�� /��S��^��6�F��OB�F��C��d3��+h��as�8��Zx,Y#<Z�jٴ��q�@f㡱dJU'łoݜ"�P�D�>�Y��f�qLW:7��N�7��AC��:��2�7��,'*Rh2�4�k��d}Z]�ZU�ӺXН�6y�v�%4��N�uFI$bw`��Ԝ>��+Z�&��a{��&�t�T��`'�o��r�b��0�b��h$��_U�P��0.��m��^��ØG��˽�{w��GTIZ�H�RB��?'\`��5�ҳ��BdG�x�o��h��U1+˝^��|��pdSw��xCaLp쓢!:�&��t��i#��g0Z�L��ja"��L��vt蠩~B��f�cD)��M=��ڸ�*��w�,�?�y|��4��(�q��Zn|�1'h�6�;m��#�a�jB�}A��|֫��j��P�ҟt��K��A+��<s`C�1��=��(�^P��|�e�=@�VSC_ 9z��N��|چSOV&`��;�V#C\�z�z~̸1&�;T�.��ҩ�B'�� +E�ֿq�|~�K�b#��v��3DQ\�ą�7��Wy*�Е[��V��Ȗ�G��zy��a��%��1�t!1C�Up�כF;�8J[<�g <TM��tKS�'��R��@�� 4+�YXQ:@��;�ǥ��T�H��;��i��W��8$J,��OlZ�<9�!˭i��71��%� ʻ�Zw��X��a�i�� cbO��,�a��eM%p��}v�w��Q�;0�3��B-M�]u�(�L�K]]%�z��v0��֏� �WI Q�9�e��N��X��0A� �\_�Ah��@J0��~ϻ(�� '(��T�|Rt�"g��?=2��R��t��\��"��\��/��8��1��~��T�]��R��0˷o��BF�|��f��M<��d��b<Fp��R`� -��B��ϛj��\��v�f2�j�E(5��6v-��6 �.�2�� .<�1��s�z��DG�?��U)��&�}�l C�5��e�C��􇴻��;oт�v2��Rª\��%� b��,A��h�v@7�-��+f�%p��h�GB?�O��>�N�AeGe1䷥k0E�x��w��4��@c.Veۉ�<�/S��z��Q@*}xX�CY�e�C=�ˢ�)6�9��!��uO��[|lm{��q3ÿ*��V��p�*b�3�I��t��:��n��涧�걂k�ib��jS��Ƒ��k$��

Sections

CODE
Size: 441KB - Virtual size: 444KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 18KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ccbb37149bc2278c966a2f3f769a4ea

Code Sign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:afCertificate

Extended Key Usages

Key Usages

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22Certificate

Key Usages

01Certificate

Key Usages

9c:39:5a:86:d9:1d:a6:3b:ac:9c:ef:69:4a:77:2b:43Certificate

Extended Key Usages

Key Usages

a0:98:99:2c:a4:24:74:d8:7d:f0:9c:fa:06:b5:22:05:5b:ee:32:34Signer

Headers

File Characteristics

Imports

user32

shlwapi

ole32

comdlg32

oleaut32

winspool.drv

advapi32

gdi32

ws2_32

comctl32

kernel32

Exports

Exports

Sections

CODE Size: 441KB - Virtual size: 444KB

DATA Size: 18KB - Virtual size: 24KB

.idata Size: 6KB - Virtual size: 8KB

.text0 Size: 15KB - Virtual size: 16KB

.tls Size: 512B - Virtual size: 4KB

.text1 Size: 67KB - Virtual size: 68KB

.reloc Size: 5KB - Virtual size: 8KB

.rsrc Size: 35KB - Virtual size: 34KB

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

01
Certificate

9c:39:5a:86:d9:1d:a6:3b:ac:9c:ef:69:4a:77:2b:43
Certificate

a0:98:99:2c:a4:24:74:d8:7d:f0:9c:fa:06:b5:22:05:5b:ee:32:34
Signer

CODE
Size: 441KB - Virtual size: 444KB

DATA
Size: 18KB - Virtual size: 24KB

.idata
Size: 6KB - Virtual size: 8KB

.text0
Size: 15KB - Virtual size: 16KB

.tls
Size: 512B - Virtual size: 4KB

.text1
Size: 67KB - Virtual size: 68KB

.reloc
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 35KB - Virtual size: 34KB