Static task: static1
Behavioral task: behavioral1
Sample: 30dddd87e515eea664b1b747915d5c833884361d8edde0c95dd9be054213139c.exe
Resource: win7-20230712-en
General
- Target: 30dddd87e515eea664b1b747915d5c833884361d8edde0c95dd9be054213139c
- Size: 2.2MB
- MD5: 2b9f0693769b477a1e75f2bb2cf9f4ac
- SHA1: 9f3219bdc27f970759e321d2968321825680a382
- SHA256: 30dddd87e515eea664b1b747915d5c833884361d8edde0c95dd9be054213139c
- SHA512: b083201f1dbf97b39510f31568bf0b1d872a8d8b0186d952f013be5c75c3c6d4d427f4f4e8910d41fe285c297741032b6f05a3990dab21a834d0261e8f4cbc96
- SSDEEP: 49152:V9jkhvhr83216zWd+l+4tM+n+i9krLEzo3SdkTi4POoc4624apg79beVAsS3Wy/t:V9jme3216zWM+j+n+iGAzo3SdkTi4C4y
Malware Config
Signatures
- Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  resource 30dddd87e515eea664b1b747915d5c833884361d8edde0c95dd9be054213139c
Files
- 30dddd87e515eea664b1b747915d5c833884361d8edde0c95dd9be054213139c.exe windows x86
  fa53332b410bd2c93bc7609f1a9bebc2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpynA
GlobalAlloc
MulDiv
ActivateActCtx
GetProcAddress
GetModuleHandleA
LoadLibraryA
DeactivateActCtx
SetLastError
MoveFileA
GetTempFileNameA
GlobalUnlock
GlobalLock
SetFileTime
WriteFile
CreateDirectoryA
GetFileAttributesA
GetCurrentDirectoryW
lstrcatA
lstrlenA
lstrcpyA
GetCurrentDirectoryA
SystemTimeToFileTime
ReadFile
SetFilePointer
GetCurrentThreadId
DeleteFileA
FindClose
FindFirstFileA
GetSystemInfo
UnmapViewOfFile
CloseHandle
GetLastError
CreateFileA
FindFirstFileExA
GetDriveTypeA
LocalFileTimeToFileTime
GetFileInformationByHandle
GetTickCount
GetTempPathA
MultiByteToWideChar
lstrlenW
LocalFree
FormatMessageA
GlobalSize
CopyFileA
GlobalFree
ReplaceFileA
GetFileTime
GetFullPathNameA
GetDiskFreeSpaceA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationA
GetModuleFileNameA
GetShortPathNameA
CreateActCtxW
ReleaseActCtx
GetModuleFileNameW
FreeLibrary
lstrcmpW
LoadLibraryW
CompareStringA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeResource
FindResourceA
GetCurrentProcessId
SetThreadPriority
ResumeThread
WaitForSingleObject
lstrcmpA
GetModuleHandleW
InterlockedExchange
GetLocaleInfoA
GetSystemDefaultUILanguage
ConvertDefaultLocale
GetUserDefaultUILanguage
GetCurrentThread
GetPrivateProfileIntA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetProfileIntA
FileTimeToSystemTime
LocalAlloc
LeaveCriticalSection
TlsGetValue
EnterCriticalSection
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
FileTimeToLocalFileTime
GetFileAttributesExA
GetFileSizeEx
GlobalFlags
SetErrorMode
GetCPInfo
GetOEMCP
GetACP
GetWindowsDirectoryA
GetNumberFormatA
InitializeCriticalSectionAndSpinCount
Sleep
VirtualProtect
SearchPathA
FindResourceExW
EncodePointer
DecodePointer
ExitProcess
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
VirtualQuery
ExitThread
CreateThread
HeapQueryInformation
HeapSize
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
IsValidCodePage
LCMapStringW
GetConsoleCP
GetConsoleMode
SetHandleCount
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetStringTypeW
GetTimeZoneInformation
CompareStringW
WriteConsoleW
GetProcessHeap
CreateFileW
SetEnvironmentVariableA
SleepEx
VerifyVersionInfoA
VerSetConditionMask
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
ExpandEnvironmentStringsA
InterlockedDecrement
InterlockedIncrement
FindResourceW
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetDriveTypeW
user32
GetForegroundWindow
GetClassLongA
GetCapture
WinHelpA
LoadIconA
LoadIconW
RegisterWindowMessageA
IsIconic
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
GetActiveWindow
BringWindowToTop
TranslateMDISysAccel
RedrawWindow
GetDesktopWindow
IntersectRect
CreatePopupMenu
InsertMenuItemA
GetWindowThreadProcessId
DestroyIcon
LoadImageA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
ValidateRect
TranslateMessage
GetMessageA
PostQuitMessage
MapDialogRect
SetWindowContextHelpId
LoadAcceleratorsW
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamA
ShowOwnedPopups
IsZoomed
GetKeyNameTextA
MapVirtualKeyA
IsRectEmpty
DeleteMenu
GetSystemMenu
SetParent
WindowFromPoint
SetCursorPos
GetSysColorBrush
RealChildWindowFromPoint
DrawIcon
SetWindowRgn
CopyAcceleratorTableA
CreateMenu
PostThreadMessageA
GetTabbedTextExtentW
UnregisterClassA
EnumDisplayMonitors
SetLayeredWindowAttributes
UnionRect
GetMessagePos
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
GetDCEx
LockWindowUpdate
WaitMessage
GetMenuDefaultItem
InvertRect
NotifyWinEvent
GetIconInfo
CopyImage
DrawIconEx
DrawEdge
DrawFrameControl
MonitorFromPoint
UpdateLayeredWindow
IsMenu
SetClassLongA
DestroyAcceleratorTable
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
CreateAcceleratorTableA
RegisterClipboardFormatA
LoadImageW
IsCharLowerA
GetLastActivePopup
SetMenuDefaultItem
CopyIcon
GetDoubleClickTime
GetUpdateRect
CharUpperBuffA
SubtractRect
FrameRect
GetWindowRgn
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
RemoveMenu
ClientToScreen
LoadMenuW
GetSubMenu
GetParent
EnableWindow
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
PostMessageA
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
GetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
SetWindowPlacement
GetWindowPlacement
DefWindowProcA
GetMenu
DestroyMenu
GetMenuItemInfoA
LoadCursorW
DestroyCursor
ShowScrollBar
PtInRect
PeekMessageA
CharUpperA
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowTextLengthA
SetFocus
SetWindowPos
IsWindowEnabled
ShowWindow
MoveWindow
GetDlgCtrlID
RegisterClassA
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
wsprintfA
UpdateWindow
GetSystemMetrics
SystemParametersInfoA
GetDC
ReleaseDC
GetSysColor
GetPropA
SetWindowLongA
RemovePropA
SetWindowsHookExA
UnhookWindowsHookEx
GetClassNameA
GetWindowLongA
SetPropA
CallNextHookEx
SetActiveWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
MapVirtualKeyExA
GetMessageTime
GetWindow
DestroyWindow
IsChild
CharNextA
SetRectEmpty
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsClipboardFormatAvailable
SetTimer
SetCapture
GetKeyState
TranslateAcceleratorA
LoadAcceleratorsA
KillTimer
ReleaseCapture
LoadCursorA
SetCursor
ScreenToClient
GetCursorPos
EnableScrollBar
GetDlgItem
IsWindow
HideCaret
ShowCaret
SetCaretPos
CreateCaret
GetAsyncKeyState
DrawFocusRect
FillRect
CallWindowProcA
IsWindowVisible
GetWindowRect
OffsetRect
InflateRect
SetRect
DrawStateA
GetWindowTextA
CopyRect
InvalidateRect
GetClientRect
SendMessageA
gdi32
CopyMetaFileA
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
SetTextAlign
MoveToEx
SetLayout
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
ExtTextOutA
GetStockObject
PatBlt
Rectangle
LineTo
GetLayout
SetPixelV
GetBoundsRect
FrameRgn
FillRgn
PtInRegion
SetPaletteEntries
ExtFloodFill
EnumFontFamiliesExA
OffsetRgn
StretchBlt
SetDIBColorTable
CreateRoundRectRgn
Polygon
Polyline
CreatePolygonRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetRgnBox
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
DeleteDC
GetPixel
SetPixel
CreatePen
CreateSolidBrush
RoundRect
GetTextExtentPoint32A
CreateFontIndirectA
GetObjectA
GetDeviceCaps
GetWindowOrgEx
GetTextExtentPoint32W
GetTextExtentPointA
GetTextFaceA
GetViewportOrgEx
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocA
DPtoLP
CreateBitmap
CreateDCA
DeleteObject
GetTextAlign
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
GetNearestColor
CreateDIBSection
Ellipse
LPtoDP
CreateEllipticRgn
GetBkColor
GetMapMode
CombineRgn
SetRectRgn
CreateRectRgnIndirect
StretchDIBits
CreateFontA
GetCharWidthA
GetTextMetricsA
CreateHatchBrush
GetObjectType
SelectPalette
CreatePatternBrush
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
shell32
SHBrowseForFolderA
SHAppBarMessage
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
ExtractIconA
SHAddToRecentDocs
DragQueryFileA
DragFinish
SHGetFileInfoA
ShellExecuteA
msimg32
AlphaBlend
TransparentBlt
comctl32
_TrackMouseEvent
ImageList_GetIconSize
shlwapi
PathStripToRootA
PathFindExtensionA
PathFindFileNameA
PathRemoveFileSpecW
PathIsUNCA
oledlg
ord8
wldap32
ord46
ord41
ord27
ord301
ord33
ord79
ord35
ord32
ord200
ord30
ord26
ord50
ord60
ord143
ord211
ord22
ws2_32
WSACleanup
WSAStartup
WSASetLastError
__WSAFDIsSet
WSAGetLastError
select
recv
WSAIoctl
setsockopt
ntohl
htonl
gethostname
ioctlsocket
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
send
crypt32
CertFreeCertificateContext
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
gdiplus
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdiplusStartup
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipDeleteGraphics
GdipAlloc
GdipFree
GdiplusShutdown
GdipDrawImageI
imm32
ImmGetOpenStatus
ImmReleaseContext
ImmGetContext
winmm
PlaySoundA
winspool.drv
OpenPrinterA
GetJobA
ClosePrinter
DocumentPropertiesA
comdlg32
GetFileTitleA
advapi32
RegSetValueExA
CryptImportKey
CryptEncrypt
CryptDestroyKey
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegSetValueA
SetFileSecurityA
GetFileSecurityA
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyExW
RegCreateKeyExA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegEnumValueA
ole32
OleGetClipboard
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
CoRegisterMessageFilter
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
StringFromCLSID
CoTaskMemFree
OleLockRunning
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoInitialize
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoInitializeEx
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
oleaut32
VarBstrFromDate
SysFreeString
SysAllocStringByteLen
VariantChangeType
VariantInit
SysAllocStringLen
OleCreateFontIndirect
SysAllocString
VariantClear
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 363KB - Virtual size: 362KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 54KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 187KB - Virtual size: 186KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ