fc82c4456949b5f4dfc28f271be666b0[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

fc82c4456949b5f4dfc28f271be666b0.bin
Size

1.1MB
MD5

ab48f174f3e8c41eeb04933d4761f1fc
SHA1

f9dfd8cacd61f7dfeeb6fc15307b528b64de0f76
SHA256

c8812f5886a35a80e2b048d73e6d65e4a1a230fa4d8a9860844624541136f37b
SHA512

094cf4b31adf66c955e860525501c35e3c1ea35c663e966e87d1cb263c49e77b53b64259fda418479f2009cb26a2a64255a02198df4d2e13d14ea9913382f756
SSDEEP

24576:v82P18sWMMOH4WEiUjfuRe5oC7tJyukblJeDKpPJ:v8NoZP02RYz7tJdkLe+r

Score

1^/10

Malware Config

Signatures

Files

fc82c4456949b5f4dfc28f271be666b0.bin
.zip

Password: infected
90bbc186938b8bf66f288b9376a9ee09e3ea004231d79e29eac556060cd7f6a3.exe
.exe windows:5 windows x86 arch:x86

Password: infected

ffd867d9b99452cca8ae0e3b4468b213

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2013 12:00

Not After

15-01-2038 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:8d:c5:9b:80:b3:ad:b6:e7:6b:7e:7f:ae:51:ef:76
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17-08-2021 00:00

Not After

27-09-2023 23:59

Subject

SERIALNUMBER=1027739867473,CN=Kaspersky Lab JSC,O=Kaspersky Lab JSC,L=Moscow,C=RU,1.3.6.1.4.1.311.60.2.1.3=#13025255,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2013 12:00

Not After

15-01-2038 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:8d:c5:9b:80:b3:ad:b6:e7:6b:7e:7f:ae:51:ef:76
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17-08-2021 00:00

Not After

27-09-2023 23:59

Subject

SERIALNUMBER=1027739867473,CN=Kaspersky Lab JSC,O=Kaspersky Lab JSC,L=Moscow,C=RU,1.3.6.1.4.1.311.60.2.1.3=#13025255,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f0:c2:0a:6c:ed:83:56:83:26:9f:42:52:c6:6e:d0:51:d7:a9:e9:d1:6b:5a:12:a6:8f:b2:9c:e6:24:38:07:8a
Signer

Actual PE Digest

f0:c2:0a:6c:ed:83:56:83:26:9f:42:52:c6:6e:d0:51:d7:a9:e9:d1:6b:5a:12:a6:8f:b2:9c:e6:24:38:07:8a

Digest Algorithm

sha256

PE Digest Matches

false

09:b2:33:e1:f0:1d:fa:ec:03:09:52:fe:b3:98:73:30:cb:08:28:c0
Signer

Actual PE Digest

09:b2:33:e1:f0:1d:fa:ec:03:09:52:fe:b3:98:73:30:cb:08:28:c0

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17
ImageList_Create
ImageList_Add

setupapi

SetupDiOpenClassRegKey
SetupOpenInfFileA
SetupInstallFromInfSectionA
SetupCloseInfFile

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

GetVolumeNameForVolumeMountPointA
SystemTimeToFileTime
GetSystemTime
VirtualLock
CopyFileA
GetTempPathA
GetDriveTypeA
GetShortPathNameA
GetVolumeInformationA
GetVolumePathNameA
FindNextVolumeW
QueryDosDeviceW
FindFirstVolumeW
WriteFile
LocalFree
VirtualUnlock
DefineDosDeviceA
GetCurrentProcessId
FormatMessageW
VirtualQuery
ReleaseMutex
OpenMutexA
GetVolumeInformationW
QueryPerformanceCounter
QueryPerformanceFrequency
FlushFileBuffers
GetFileSize
GetCurrentProcess
GetModuleHandleA
GetVersionExA
GetCurrentDirectoryA
LockResource
SizeofResource
LoadResource
FindResourceA
GetFileAttributesA
SetFilePointer
GetModuleFileNameW
SetCurrentDirectoryA
GetDiskFreeSpaceA
UnhandledExceptionFilter
GetFileInformationByHandle
GetCurrentThread
SetUnhandledExceptionFilter
SetErrorMode
InterlockedExchangeAdd
InterlockedExchange
SetEvent
ResetEvent
CreateEventA
GetFileAttributesExA
FindNextFileW
CreateFileW
FindFirstFileW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteVolumeMountPointA
GetProcessWorkingSetSize
GetProcessTimes
GetThreadTimes
GlobalMemoryStatus
GetProcessHeap
InitializeCriticalSection
GetStringTypeA
GetLocaleInfoA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
PeekNamedPipe
GetFullPathNameA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
GetStringTypeW
GetCPInfo
LCMapStringW
LCMapStringA
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateThread
ResumeThread
ExitThread
GetFileType
SetStdHandle
GetSystemTimeAsFileTime
GetFileAttributesW
GetConsoleMode
GetConsoleCP
HeapAlloc
ExitProcess
GetModuleHandleW
HeapFree
RtlUnwind
RaiseException
IsDebuggerPresent
TerminateProcess
InterlockedCompareExchange
SetVolumeMountPointA
GetWindowsDirectoryA
WaitForSingleObject
GetExitCodeProcess
CreatePipe
SetHandleInformation
GetSystemInfo
FindFirstFileA
LoadLibraryA
GetProcAddress
FreeLibrary
FindNextFileA
FindClose
SetFilePointerEx
CreateFileA
GetFileSizeEx
GetFileTime
SetEnvironmentVariableA
ReadFile
SetFileTime
SetLastError
GetLogicalDrives
MoveFileA
GetCommandLineA
GetCommandLineW
GetTickCount
CreateMutexA
Sleep
GetSystemDirectoryA
CreateDirectoryA
GetModuleFileNameA
CreateProcessA
CloseHandle
SetProcessShutdownParameters
GetCurrentThreadId
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
InterlockedIncrement
GetLastError
InterlockedDecrement
DeviceIoControl
FindFirstVolumeA
QueryDosDeviceA
FindNextVolumeA
FindVolumeClose
DeleteFileA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
SetEndOfFile
GetTimeZoneInformation
CompareStringA
CompareStringW
GetStartupInfoA

user32

GetKeyState
EnumChildWindows
GetDlgCtrlID
GetClassNameA
LoadCursorA
SetCursor
DefDlgProcA
UnregisterClassA
LoadIconA
RegisterClassA
GetUpdateRect
BeginPaint
DefWindowProcA
GetDialogBaseUnits
EndPaint
PeekMessageA
DestroyWindow
GetWindowTextW
GetSystemMetrics
GetWindowInfo
ReleaseDC
MessageBoxA
GetActiveWindow
GetMessagePos
EnumWindows
RegisterWindowMessageA
IsWindowEnabled
SystemParametersInfoA
DrawMenuBar
PostMessageA
GetCursorPos
MessageBeep
SetMenuItemInfoW
GetSubMenu
LoadBitmapA
FlashWindowEx
SetLayeredWindowAttributes
CreateWindowExA
RegisterClassExA
TrackMouseEvent
GetSystemMenu
SystemParametersInfoW
SendMessageTimeoutA
wsprintfA
DrawTextA
GetClassInfoA
UnhookWindowsHookEx
CallNextHookEx
GetCaretPos
GetQueueStatus
GetInputState
GetProcessWindowStation
GetOpenClipboardWindow
GetMessageTime
SetWindowsHookExA
GetCapture
EnableWindow
GetDlgItem
CheckDlgButton
GetClipboardOwner
GetClipboardViewer
GetDesktopWindow
GetFocus
GetDC
GetDlgItemInt
CreatePopupMenu
TrackPopupMenu
DestroyMenu
SetDlgItemInt
GetMenu
EnableMenuItem
SetWindowLongA
GetWindowLongA
CallWindowProcA
GetWindowRect
SetForegroundWindow
LoadImageA
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
SetFocus
SendDlgItemMessageW
GetKeyboardLayout
LoadKeyboardLayoutA
MessageBoxW
GetWindowTextA
SetWindowTextA
GetWindowTextLengthA
GetMessageA
TranslateMessage
DispatchMessageA
PostThreadMessageA
GetParent
SetTimer
GetWindowTextLengthW
KillTimer
GetAsyncKeyState
RegisterHotKey
UnregisterHotKey
wsprintfW
DialogBoxParamW
ShowWindow
SetWindowTextW
GetClientRect
SetWindowPos
InvalidateRect
SendMessageW
EndDialog
SendMessageA
DeleteMenu
AppendMenuA
AppendMenuW
GetDlgItemTextW
IsDlgButtonChecked
SetDlgItemTextW
MoveWindow

gdi32

MoveToEx
LineTo
GetCurrentObject
GetObjectA
CreateCompatibleBitmap
SetStretchBltMode
CreatePen
DeleteDC
BitBlt
CreateCompatibleDC
SetMapMode
GetDeviceCaps
SelectObject
GetTextExtentPoint32W
GetTextMetricsA
GetStockObject
CreateFontIndirectW
StretchBlt
DeleteObject

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegisterEventSourceA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegEnumKeyExA
GetTokenInformation
IsWellKnownSid
QueryServiceStatus
ControlService
StartServiceA
OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
ChangeServiceConfigA
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
OpenServiceA
DeleteService
RegCloseKey
SetServiceStatus
DeregisterEventSource
ReportEventA
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseServiceHandle

shell32

ord680
SHGetFileInfoA
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListA
CommandLineToArgvW
SHGetSpecialFolderPathA
ShellExecuteA
SHChangeNotify
SHGetFolderPathA
DragAcceptFiles
DragQueryFileA
DragFinish
Shell_NotifyIconA
Shell_NotifyIconW
ShellExecuteW

ole32

CoCreateInstance
CoGetObject
CoInitialize
CoUninitialize
CoRegisterClassObject
CoRevokeClassObject
StringFromGUID2

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
SysFreeString

Sections

.text
Size: 577KB - Virtual size: 576KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

ffd867d9b99452cca8ae0e3b4468b213

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:8d:c5:9b:80:b3:ad:b6:e7:6b:7e:7f:ae:51:ef:76Certificate

Extended Key Usages

Key Usages

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5cCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

06:8d:c5:9b:80:b3:ad:b6:e7:6b:7e:7f:ae:51:ef:76Certificate

Extended Key Usages

Key Usages

f0:c2:0a:6c:ed:83:56:83:26:9f:42:52:c6:6e:d0:51:d7:a9:e9:d1:6b:5a:12:a6:8f:b2:9c:e6:24:38:07:8aSigner

09:b2:33:e1:f0:1d:fa:ec:03:09:52:fe:b3:98:73:30:cb:08:28:c0Signer

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

setupapi

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 577KB - Virtual size: 576KB

.rdata Size: 140KB - Virtual size: 139KB

.data Size: 19KB - Virtual size: 210KB

.rsrc Size: 1.6MB - Virtual size: 1.6MB

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:8d:c5:9b:80:b3:ad:b6:e7:6b:7e:7f:ae:51:ef:76
Certificate

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

06:8d:c5:9b:80:b3:ad:b6:e7:6b:7e:7f:ae:51:ef:76
Certificate

f0:c2:0a:6c:ed:83:56:83:26:9f:42:52:c6:6e:d0:51:d7:a9:e9:d1:6b:5a:12:a6:8f:b2:9c:e6:24:38:07:8a
Signer

09:b2:33:e1:f0:1d:fa:ec:03:09:52:fe:b3:98:73:30:cb:08:28:c0
Signer

.text
Size: 577KB - Virtual size: 576KB

.rdata
Size: 140KB - Virtual size: 139KB

.data
Size: 19KB - Virtual size: 210KB

.rsrc
Size: 1.6MB - Virtual size: 1.6MB