ProxyChecker[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

ProxyChecker.exe
Size

791KB
MD5

87c2d98cbacb74a0a73a5162f279b743
SHA1

338234ab881e46cd55eb30ea6ee4e90fc57cb08a
SHA256

5527dc7eac16fbc16e55829245f0d0fcb3f8d44b962d314fb5a934a804802143
SHA512

1ff746956b0619d2d02cfa5dece674d380ee9f44589fa26135e35c5588caf282160e0c6fc2800a8baabc4aa48109b8862fc700c078120e76375dd8c2929d87b1
SSDEEP

12288:GsXM3cucUsW1jWg3Td4V8+nJyVRNIvRXEALoq4oj78+r:v0Bs8XMJyVRNQDfjr

Score

1^/10

Malware Config

Signatures

Files

ProxyChecker.exe
.exe windows:6 windows x86 arch:x86

773eec4507e87ce458080f27f78c1b4c

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:6a:86:79:f7:b3:fa:a3:ab:61:e2:13
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

10-07-2019 06:15

Not After

10-10-2022 06:15

Subject

SERIALNUMBER=1089847274439,CN=Initeks\, OOO,O=Initeks\, OOO,STREET=Prospect Komendantsky\, 51/1\, office 300,L=Saint Petersburg,ST=Saint Petersburg,C=RU,1.3.6.1.4.1.311.60.2.1.2=#13105361696e742050657465727362757267,1.3.6.1.4.1.311.60.2.1.3=#13025255,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23-12-2017 00:00

Not After

22-03-2029 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ba:a3:bc:94:bc:98:c2:74:ee:35:f5:4b:c4:09:3b:a7:e4:78:66:2c:3f:e2:5c:b2:5d:27:83:c1:31:53:42:b7
Signer

Actual PE Digest

ba:a3:bc:94:bc:98:c2:74:ee:35:f5:4b:c4:09:3b:a7:e4:78:66:2c:3f:e2:5c:b2:5d:27:83:c1:31:53:42:b7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
LockResource
WriteConsoleW
GetStringTypeW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
GetTimeFormatW
GetDateFormatW
ExitProcess
GetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
GetFileType
SetStdHandle
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
RtlUnwind
LoadLibraryExA
ExpandEnvironmentStringsA
OutputDebugStringW
LoadResource
FindResourceW
SetLastError
GetComputerNameA
GetVersionExW
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GlobalFree
LoadLibraryW
GetModuleFileNameW
GetCurrentThreadId
GetLastError
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
ResumeThread
GetACP
OutputDebugStringA
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
GetModuleHandleW
FreeResource
GlobalLock
GlobalUnlock
MulDiv
EncodePointer
GetSystemDirectoryW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
LocalFree
FormatMessageW
GetCurrentThread
lstrcmpA
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetCurrentProcessId
CloseHandle
SetEvent
WaitForSingleObject
CreateEventW
SetThreadPriority
SuspendThread
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GlobalFlags
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetThreadLocale
DeleteFileW
CreateFileW
FindClose
FindFirstFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
FindNextFileW
SetErrorMode
GetTickCount
SizeofResource

user32

MoveWindow
ShowWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
MapWindowPoints
MessageBoxW
AdjustWindowRectEx
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
GetScrollPos
ValidateRect
GetForegroundWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetCursorPos
SetWindowPos
IsChild
IsMenu
CreateWindowExW
EnableWindow
LoadIconW
GetSystemMenu
AppendMenuW
SendMessageW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
GetSysColor
ScreenToClient
ClientToScreen
CheckRadioButton
IsDlgButtonChecked
EndPaint
BeginPaint
SetWindowTextW
IsDialogMessageW
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
GetWindowThreadProcessId
GetMessageW
SetForegroundWindow
GetClientRect
GetDC
SetTimer
IsIconic
GetSystemMetrics
DrawIcon
GetWindowRect
PtInRect
LoadMenuW
GetSubMenu
RedrawWindow
GetSysColorBrush
SetCursor
KillTimer
LoadCursorW
UnregisterClassW
SendDlgItemMessageA
SetRectEmpty
OffsetRect
GetParent
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
GetWindowDC
ReleaseDC
DestroyMenu
TranslateMessage
RealChildWindowFromPoint
IntersectRect
SetCapture
ReleaseCapture
PostThreadMessageW
RegisterClipboardFormatW
CharUpperW
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
InvalidateRect

gdi32

GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CreateRectRgnIndirect
ScaleWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
GetObjectW
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectObject
ExtSelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
Escape
DeleteObject
DeleteDC
CreateBitmap
CreateFontW
GetDeviceCaps
GetStockObject

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteW

comctl32

InitCommonControlsEx

shlwapi

UrlUnescapeW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW

ole32

CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitialize
CoRevokeClassObject
CLSIDFromProgID
CoFreeUnusedLibraries
OleInitialize
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateGuid
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
CLSIDFromString
CoCreateInstance

oleaut32

SafeArrayDestroy
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysFreeString
OleCreateFontIndirect

oledlg

OleUIBusyW

ws2_32

inet_addr
htons
socket
gethostbyname
closesocket
WSAStartup
send
WSAGetLastError
inet_ntoa
recv
connect

oleacc

LresultFromObject
CreateStdAccessibleObject

wininet

HttpQueryInfoW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetOpenW
InternetCloseHandle
InternetOpenUrlW
InternetReadFile
InternetSetFilePointer
InternetWriteFile
InternetQueryDataAvailable
InternetQueryOptionW
InternetGetLastResponseInfoW
InternetSetStatusCallbackW

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

773eec4507e87ce458080f27f78c1b4c

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

3c:6a:86:79:f7:b3:fa:a3:ab:61:e2:13Certificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

ba:a3:bc:94:bc:98:c2:74:ee:35:f5:4b:c4:09:3b:a7:e4:78:66:2c:3f:e2:5c:b2:5d:27:83:c1:31:53:42:b7Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

oledlg

ws2_32

oleacc

wininet

Sections

.text Size: 367KB - Virtual size: 367KB

.rdata Size: 109KB - Virtual size: 108KB

.data Size: 10KB - Virtual size: 21KB

.rsrc Size: 296KB - Virtual size: 296KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

3c:6a:86:79:f7:b3:fa:a3:ab:61:e2:13
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

ba:a3:bc:94:bc:98:c2:74:ee:35:f5:4b:c4:09:3b:a7:e4:78:66:2c:3f:e2:5c:b2:5d:27:83:c1:31:53:42:b7
Signer

.text
Size: 367KB - Virtual size: 367KB

.rdata
Size: 109KB - Virtual size: 108KB

.data
Size: 10KB - Virtual size: 21KB

.rsrc
Size: 296KB - Virtual size: 296KB