30cfe0991b592581ebec2398a9ee684ffa2ad0625d14d60413e31b0a2837d5e1

Sharing

Copy URL Twitter E-mail

General

Target

30cfe0991b592581ebec2398a9ee684ffa2ad0625d14d60413e31b0a2837d5e1
Size

389KB
MD5

1c654d5cfcbc2c189bfc759733884b80
SHA1

f8d27b6a536edf21803130d021749a0e6668e74f
SHA256

30cfe0991b592581ebec2398a9ee684ffa2ad0625d14d60413e31b0a2837d5e1
SHA512

33814d2f1ef1245392ade06ab0e139a02e3af98b3a3cb6ae00831d6df96eed4f18bd6b32ea87c3a9f5bf05bdecb46e6aff1ece4e38dda74c7cb11050146bf8a0
SSDEEP

6144:t1PKgH2+mKXXLF4u5v+iMa0imbljqk6VPvuhOFVAe7f8lK+Gpy01:Pt2+mKXXWu5v+iMdpjBoPvVFVpqe1

Score

N/A

Malware Config

Signatures

Files

30cfe0991b592581ebec2398a9ee684ffa2ad0625d14d60413e31b0a2837d5e1
.exe windows x86

17e6a04cf59049043ceb25e8cdb3c174

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexW
GetCurrentProcessId
DeleteCriticalSection
InitializeCriticalSection
SetEvent
CreateEventW
RaiseException
SetLastError
GetCurrentThreadId
FlushInstructionCache
DeviceIoControl
InterlockedIncrement
EnterCriticalSection
GetLastError
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetConsoleMode
GetConsoleCP
lstrcmpiW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LeaveCriticalSection
GetStdHandle
HeapCreate
HeapSize
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
RtlUnwind
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
FindClose
SizeofResource
FindNextFileW
FindFirstFileW
lstrcpyW
GetTickCount
CreateThread
CopyFileW
GetLongPathNameW
LoadLibraryExW
FindResourceW
LoadResource
CreateFileW
LocalFree
DeleteFileW
MoveFileExW
lstrlenA
OutputDebugStringW
DebugBreak
SetFileAttributesW
GetTempPathW
GetCurrentProcess
GetModuleHandleW
GetExitCodeProcess
WaitForSingleObject
GetModuleFileNameW
DeleteAtom
FindAtomW
ReleaseMutex
AddAtomW
OpenThread
GetAtomNameW
TlsGetValue
FormatMessageW
GetFileSizeEx
SetFilePointerEx
LocalFileTimeToFileTime
CreateFileA
GetSystemTimeAsFileTime
ExitProcess
TlsFree
TlsAlloc
ReadFile
SetFilePointer
InterlockedDecrement
GetPrivateProfileIntW
WideCharToMultiByte
lstrlenW
GetProcAddress
LoadLibraryW
Sleep
CloseHandle
CreateProcessW
TlsSetValue
RemoveDirectoryW
GetModuleHandleA
GetModuleFileNameA
FreeLibrary
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
GetSystemTime
SystemTimeToFileTime
OpenProcess
TerminateProcess
WaitForMultipleObjects
LockResource
GlobalAlloc
GlobalFree
WriteFile

user32

GetSystemMenu
EnableMenuItem
LoadImageW
ReleaseCapture
GetDlgCtrlID
SystemParametersInfoW
SetCapture
AdjustWindowRectEx
GetMenu
GetParent
SetWindowTextW
PostQuitMessage
GetDlgItem
IsDialogMessageW
SetCursor
GetDC
SetTimer
PtInRect
ClientToScreen
UpdateWindow
DrawFocusRect
GetSystemMetrics
InflateRect
DrawEdge
GetSysColor
IsWindowEnabled
KillTimer
OffsetRect
FillRect
PostMessageW
EndPaint
DrawTextW
GetWindowTextW
GetClientRect
BeginPaint
CallWindowProcW
GetWindowLongW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
SendMessageW
DestroyWindow
DefWindowProcW
PeekMessageW
UnregisterClassA
FindWindowW
GetMessageW
TranslateMessage
DispatchMessageW
GetWindowRect
SetWindowPos
BringWindowToTop
IsIconic
CreateDialogParamW
IsWindow
SetWindowLongW
MessageBoxW
CharNextW
wvsprintfW
LoadStringW
SetForegroundWindow
ShowWindow
InvalidateRect
GetCapture

gdi32

DeleteDC
CreateFontW
GetCurrentObject
GetStockObject
CreateSolidBrush
CreateDIBSection
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
SetTextColor
SelectObject
SetBkMode

advapi32

RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExA

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHChangeNotify

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsW
SHGetValueW
SHDeleteKeyW
SHSetValueW
PathRemoveFileSpecW
PathCombineW
PathMatchSpecW

comctl32

InitCommonControlsEx
ImageList_GetIconSize
ImageList_Draw
ImageList_Destroy
_TrackMouseEvent
ImageList_Create
ImageList_Add
ImageList_SetImageCount

msimg32

AlphaBlend

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdiplus

GdiplusStartup
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipCreateHBITMAPFromBitmap
GdiplusShutdown
GdipCreateBitmapFromStream

psapi

GetModuleFileNameExW
EnumProcesses
EnumProcessModules

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 181KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

17e6a04cf59049043ceb25e8cdb3c174

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

msimg32

version

gdiplus

psapi

Sections

.text Size: 146KB - Virtual size: 145KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 16KB - Virtual size: 32KB

.rsrc Size: 181KB - Virtual size: 184KB

.text
Size: 146KB - Virtual size: 145KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 16KB - Virtual size: 32KB

.rsrc
Size: 181KB - Virtual size: 184KB