014469a5a26318acc4d4000e78395439

Sharing

Copy URL

Twitter E-mail

General

Target

014469a5a26318acc4d4000e78395439
Size

618KB
MD5

014469a5a26318acc4d4000e78395439
SHA1

43c6315661f162095786961a79c171cd3e32603f
SHA256

06d8a1125af3635f4a951e2752313e1d18a912e446e8d6a6d19a7270d97fc1ce
SHA512

79ee8c0075797dcfe049ff2a1487b386a234db16e1b03f7edd3fc3614d556c9a3794ae6ef78eaf653dce833341b5699c0be17caf5370ba07a32a5bbb412764f1
SSDEEP

12288:VwqCW0Bn5vh5E79ywG8eTzp3u4uFx5Jv0q4n7ENhM6:VpwnJAJRgzp3u4Q5JoE9

Score

1^/10

Malware Config

Signatures

Files

014469a5a26318acc4d4000e78395439
.exe windows:4 windows x86 arch:x86

8d3eaa3fe3a08913f986000adfb11c3d

Code Sign

25:95:e9:af:2c:4d:1e:db:85:26:a0:0c:99:35:7f:23
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2015 00:00

Not After

24-05-2016 23:59

Subject

CN=Minimus,O=Minimus,POSTALCODE=236022,STREET=ul. Repina\, 46\, 12,L=Kaliningrad,ST=Kaliningrad Region,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

29:6b:1c:91:3a:36:c3:aa:10:1a:ab:eb:ab:a9:80:b1:bf:93:df:44
Signer

Actual PE Digest

29:6b:1c:91:3a:36:c3:aa:10:1a:ab:eb:ab:a9:80:b1:bf:93:df:44

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

DragObject
BringWindowToTop
EmptyClipboard
OemToCharW
RegisterDeviceNotificationW
SetClipboardData
WaitMessage
ToUnicode
MoveWindow
GetKeyState
SendMessageCallbackA
GetGuiResources
GetWindowTextLengthA
SetWindowPos
GetClientRect
IsCharUpperA
CreateMDIWindowA
LoadKeyboardLayoutA
GetMenuBarInfo
SetClassLongA
ShowWindowAsync
GetCapture
DrawTextExW
wsprintfA
IsMenu
GetKeyboardLayoutNameA
UnloadKeyboardLayout
LoadCursorFromFileA
AdjustWindowRectEx
SetMenuItemInfoA
DefFrameProcW
GetWindowThreadProcessId
MessageBoxTimeoutW
GetMessageA
EnumDisplaySettingsW
CopyAcceleratorTableA
GetClipboardFormatNameA
SubtractRect
SendMessageTimeoutW
OemToCharBuffW
RegisterClipboardFormatA
DrawIcon
SetMenuInfo
CreateCursor
ShowCaret
LoadStringA
LoadCursorW
SetClassLongW
GetTabbedTextExtentA
GetAncestor
UnhookWindowsHook
GetClassInfoExW
LoadCursorFromFileW
GetListBoxInfo
ShowOwnedPopups
EnumDesktopsW
DefDlgProcW
SystemParametersInfoA
DlgDirListW
SystemParametersInfoW
FindWindowW
MessageBoxTimeoutA
PeekMessageW
HideCaret
MessageBoxIndirectW
GetKeyboardLayoutNameW
CloseDesktop
GetUserObjectInformationW
ActivateKeyboardLayout
OpenInputDesktop
ModifyMenuW
PostThreadMessageW
GetKeyboardState
SetDlgItemTextW
GetMenuItemInfoA
RealGetWindowClassA
GetUpdateRgn
IsDialogMessageA
UnregisterHotKey
GetMonitorInfoW
GetWindowWord
GetCursorPos
FindWindowA
IsWindow
EqualRect
EnumThreadWindows
IsDlgButtonChecked
GetMessagePos
EnumDesktopsA
CreateDialogIndirectParamW
UpdateWindow
GetClipboardFormatNameW
BroadcastSystemMessageExW
InsertMenuA
BroadcastSystemMessageExA
GetSystemMetrics
TranslateMessageEx
GetScrollInfo
GetMessageTime
MessageBoxW
IsCharAlphaNumericW
OpenWindowStationW
SetCaretPos
GetWindowTextW
SetWindowWord

kernel32

SetFileApisToANSI
CreateProcessA
lstrcmpiW
SetErrorMode
ReplaceFile
IsBadStringPtrA
AddAtomW
EnumResourceNamesA
HeapReAlloc
GetCalendarInfoW
FindFirstFileExW
SetFileShortNameA
VerLanguageNameA
SetFileApisToOEM
ClearCommError
CloseProfileUserMapping
CancelIo
GetLargestConsoleWindowSize
SetComputerNameW
CreateDirectoryW
GetPrivateProfileIntW
WinExec
GetThreadContext
GetFileInformationByHandle
ReadConsoleOutputCharacterW
GetModuleHandleExA
GetConsoleCursorInfo
GetPrivateProfileStringW
ClearCommBreak
GetEnvironmentStrings
RemoveDirectoryW
WaitNamedPipeA
GetStringTypeExW
SetEnvironmentVariableW
LZInit
CompareStringW
Heap32First
BuildCommDCBAndTimeoutsA
CreateProcessInternalA
FileTimeToLocalFileTime
WriteConsoleOutputW
ScrollConsoleScreenBufferW
OpenEventA
FindClose
GetDiskFreeSpaceExW
ConnectNamedPipe
EnumSystemLanguageGroupsW
WaitForSingleObject
CreateTimerQueue
MapUserPhysicalPages
GetOEMCP
GetProfileIntW
FlushConsoleInputBuffer
GetNamedPipeHandleStateW
GetThreadSelectorEntry
LocalSize
GetStringTypeW
GetTimeFormatW
CreateFileW
GetProcessTimes
ConvertDefaultLocale
GetConsoleKeyboardLayoutNameW
PulseEvent
FindFirstVolumeMountPointA
lstrcpyn
lstrcpyA
QueryDosDeviceA
ExpandEnvironmentStringsA
WaitForMultipleObjectsEx
GetConsoleFontInfo
GetDriveTypeW
GetTimeZoneInformation
FindFirstChangeNotificationW
GetACP
GetLastError
ConvertDefaultLocale
VirtualQuery
LoadLibraryA
GetCurrentProcessId
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

comdlg32

FindTextA
PageSetupDlgA
ChooseFontA

shell32

ShellExec_RunDLL
InternalExtractIconListW

Exports

Exports

'ht-�q�r�~��뇢��v�(�{�0ayA a��a�*j��@2'�.?"��}��ݒ��,Ч�o�W��!��M�C�M��枖�0ǍL�!!�w�ź�š��DjDl�=rmF�F�B��{�؛��!��y�Fn ��w )7DZ�+�42��x�?�&��`C�78do�p�yF��wx��T��J�x�[��X=��>�-#�)"�W��?gcx��hk�p�1]�O�]�;�ϏϚ,q��v~�v��,��۲��D{䜨NN�P�)W>X�B�3y��O@�\�y��x�Ʉ7mju;�� 2�]R��t��n��6�`e��_|�Z�U��d��Ï��ؓ%�pY�� sqP��?�`��M��Ct9�N�x��u��.](Sw�4@S��.��h;�+�X�c췫��l��m1��'��8�34��Ԍ)��q��*��ˁ�?��d�B��Fe�fr��rt�kY��~�-��Ԟ��[�C��q��-~ &�l��mxj�`<�?� �lpH�< y�G�*�g��d�9�[��&�m��z9�%��!��~a��p%�:��w��Y�U��δ��o�,��EZў�huw^5p�魟��Y�n��>��~�TФ Ԯ民7?s��֫�4�� uLcH�44��[��%�F-ث� ~M9�{�o��8��z��4?�^��Fnko�Ҍ�}Q ��S@��Д\��hERI��U��DMeT�l�؟��pZh�v�K��JN��Nkǻ��<W��$��r��kQ@�ØF 15G�5m��i�Φ� ��4�kBOnZ9��9��=�8MD��&LN0�\ɶ d�d�cD ��-��t�s�`7�R�_�� ɛ��wؿܹ!�z~4ky/իQ��h��j�\1��5Y�ʰE2�g�צ��f�9�JH��V��O׋��h�֣�l�|�@��h0G�0��m��]�?W@<�s�-՞��6� ��_PG��Ή��3y��!��u!�My��,[�D�>H��0�S��ўfp��v�nLH�NZ�n.�/�i3*��d��R�b_��=I�uU�e�x�c�M�#�17��ӆ��p��T�X>(�\ Cg7F'io�II�Ç��b��_�:観x/g>� `6�~h��h��2��L�0��f� C"�`�`�/[��SIR3�ЇiZ�.��F�_w�s�)Y�=�Ho�)��G'��=��f��@��MP7 ��=��[H�$�^��t��5�ň@�.��r��հ<��e��mS�,��4d4ǂ��A�v��R�hm�}�$�.�P��s�V��P�ڃ��Ä��O�V].f�!�SY=eˎԯ�7��K�?H�ޚ��9j��}�]�'H$M�~��*{��:�$s�r|Umf�.Q�Opy�Л`V��`��1m��N[#'�m�G�cKi��E��P�?��檈2�͙c6`��:�W�+�P��>�QO Ԅ ��gx�� j�W��Cn�J��@n��5�� d��9�(&�3^�+�G��Hz��x'52�A��f�c�3KuCB7=��J�|`��eА��꠵�� k:k��b%�u��O�Pz??�}��2��R�j�.�(u�԰��bNgr~RӣmeW��ڕӿ�m��=��rn�VI�� v��@C�a�L(�s�2T~��#�,59�س[ ��K��EK�^b�T�zx�߁��w#�Ɛ%��5��g��&��&��\�#��s��)�l]��W�SJ1��FaÈ�Ђ��ʙ�bG��T�k��Ál�5��!��mog�.-j^��<@/��H�(��0�I�u�Hj��r��o��P�G2�Y8&��bWO77�d��18о��E��ܫ%d��R3p��`��B.��(V �r0:r�d�,��i,<I[��J��T�i��]� ^*�n'�:榾J��3�_��P�T��e��V �e 4��5�� A&�_'��Qߪ�p0)'Iϫ��/8��9��<(�gth�ՙ�Ɍ�S[��KS9(��X��ٵ ��Ǳ�ƈ�B_��ao�J��1n�wЊ�6�U��8�pK)��,��/� �Pi�G�� z�{��I'T�˭�p4��zM6'��r�\� �%��.��/A��'G�B#��>�a) �/��Z��a�\��#X�~~�zx4��!��!��;�-�ܘ�.��IjiU��_uv|��_�Lu#��]�5��4�R,y��iZ�D�Ά��좂��N��D/�%R%�[��C��mF|o� ��W�_��!'��٣� ⷙ�2R� IE>/4��:|r�k!d�3��^�ȃ�J�$��(�ЕAe��+��~D��o=//?H��rƑT\��?kd��5�}9 � ]�#��>"�Z{�� ~ X�p��-$�_��x?F_��HW��ӊ!c�]�;�L��oѩ��ħb��$�&�oG�蘫j�ep��L6�z��@�~�j��a�|z��7 �T��# ��Ef��-�G�� ;uM0&��&��6i�@��\Bmet��-�H� ��S}�P'��3��{嫒C��/�S`j��KHc�*p��ߖ�PG�]`q m[Uޱ��è��ߗ��@W�\|!�tS��[�p� ��7ѝx��\݆�@2�zq&?6�q��K��<�^�E� �%��|?T�%@�}�8�PD>`��cp��4�JS�y݆ߕ1��t \3(s��7��+f��{M��}��a�)�p��%�b� �!��j��

Sections

CODE
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 821B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text0
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d3eaa3fe3a08913f986000adfb11c3d

Code Sign

25:95:e9:af:2c:4d:1e:db:85:26:a0:0c:99:35:7f:23Certificate

Extended Key Usages

Key Usages

29:6b:1c:91:3a:36:c3:aa:10:1a:ab:eb:ab:a9:80:b1:bf:93:df:44Signer

Headers

File Characteristics

Imports

user32

kernel32

comdlg32

shell32

Exports

Exports

Sections

CODE Size: 441KB - Virtual size: 440KB

DATA Size: 19KB - Virtual size: 18KB

BSS Size: - Virtual size: 821B

.idata Size: 5KB - Virtual size: 4KB

.text0 Size: 19KB - Virtual size: 19KB

.tls Size: 512B - Virtual size: 24B

.text1 Size: 71KB - Virtual size: 70KB

.reloc Size: 6KB - Virtual size: 5KB

.rsrc Size: 53KB - Virtual size: 53KB

25:95:e9:af:2c:4d:1e:db:85:26:a0:0c:99:35:7f:23
Certificate

29:6b:1c:91:3a:36:c3:aa:10:1a:ab:eb:ab:a9:80:b1:bf:93:df:44
Signer

CODE
Size: 441KB - Virtual size: 440KB

DATA
Size: 19KB - Virtual size: 18KB

BSS
Size: - Virtual size: 821B

.idata
Size: 5KB - Virtual size: 4KB

.text0
Size: 19KB - Virtual size: 19KB

.tls
Size: 512B - Virtual size: 24B

.text1
Size: 71KB - Virtual size: 70KB

.reloc
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 53KB - Virtual size: 53KB