Static task
static1
Behavioral task
behavioral1
Sample
bba30b32ede3c343efc02a0cb13e4d91ee3daa2f9cc5529f8d8b45435684c8d4.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
bba30b32ede3c343efc02a0cb13e4d91ee3daa2f9cc5529f8d8b45435684c8d4.exe
Resource
win10v2004-20230915-en
General
-
Target
bba30b32ede3c343efc02a0cb13e4d91ee3daa2f9cc5529f8d8b45435684c8d4
-
Size
3.2MB
-
MD5
61762fe92eda10ad820246750ec8483e
-
SHA1
991728b5cfb9781c71656fbd7be818d5915ff2a7
-
SHA256
bba30b32ede3c343efc02a0cb13e4d91ee3daa2f9cc5529f8d8b45435684c8d4
-
SHA512
3e397c24fca83dd93fe47f58f5d374feb9fc15d344116c42895e7ad98d5c13269d454393a3c55adbd473aa8667687eb25279df09161c78f2fe9ee3a294d71316
-
SSDEEP
98304:SqxqzvqbCVlX6WTpst2/tmy+i4QZPALSnw6dfe:SBSbnitwSnw6dfe
Malware Config
Signatures
-
Unsigned PE (1 IoC)
Checks for a missing Authenticode signature.
resource bba30b32ede3c343efc02a0cb13e4d91ee3daa2f9cc5529f8d8b45435684c8d4
Files
-
bba30b32ede3c343efc02a0cb13e4d91ee3daa2f9cc5529f8d8b45435684c8d4.exe windows:5 windows x86
3c3af8290f6bb97b64e873a93863199e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsProcessorFeaturePresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
IsDebuggerPresent
GetEnvironmentStringsW
CreateFileA
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetProcessHeap
SetEnvironmentVariableA
UnhandledExceptionFilter
QueryPerformanceCounter
HeapCreate
SetHandleCount
FreeEnvironmentStringsW
SetUnhandledExceptionFilter
HeapSize
HeapQueryInformation
GetFileType
SetStdHandle
ExitProcess
HeapReAlloc
ExitThread
VirtualQuery
GetSystemInfo
VirtualAlloc
DecodePointer
EncodePointer
HeapAlloc
HeapFree
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
HeapSetInformation
FindResourceExW
GetUserDefaultLCID
VirtualProtect
SearchPathW
GetProfileIntW
GetTempFileNameW
GetNumberFormatW
GetWindowsDirectoryW
SetErrorMode
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetCurrentDirectoryW
GetFileAttributesW
lstrcpyW
lstrlenA
GlobalGetAtomNameW
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
GlobalFlags
FindNextFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileW
lstrcmpiW
GetThreadLocale
LocalAlloc
FileTimeToLocalFileTime
InterlockedDecrement
ReleaseActCtx
CreateActCtxW
SuspendThread
ResumeThread
SetThreadPriority
lstrcmpA
GetCurrentThread
GetUserDefaultUILanguage
ConvertDefaultLocale
GetSystemDefaultUILanguage
GetLocaleInfoW
LoadLibraryExW
GetCurrentProcessId
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
GetModuleHandleW
CompareStringW
ActivateActCtx
DeactivateActCtx
lstrcmpW
FileTimeToSystemTime
GlobalSize
FormatMessageW
LocalFree
MulDiv
SetLastError
FreeResource
GetTimeZoneInformation
GetStartupInfoW
CreateProcessW
TerminateProcess
GetSystemDirectoryW
GetLogicalDriveStringsW
GetDriveTypeW
CreateMutexW
CreateEventW
GetSystemTime
GetTempPathW
CreateDirectoryW
TerminateThread
CopyFileW
SizeofResource
MoveFileW
InitializeCriticalSectionAndSpinCount
GetLastError
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileStringW
SystemTimeToFileTime
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FreeLibrary
LoadLibraryW
GetProcAddress
GetStdHandle
WriteConsoleW
AllocConsole
GetConsoleWindow
GetCommandLineW
DeleteFileW
GetLocalTime
SetThreadUILanguage
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
GetModuleFileNameW
GetPrivateProfileIntW
CreateThread
Sleep
CloseHandle
ReleaseMutex
WideCharToMultiByte
MultiByteToWideChar
GetTickCount
SetEvent
WaitForSingleObject
FindResourceW
LoadResource
LockResource
InterlockedCompareExchange
user32
IntersectRect
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
DrawStateW
MapVirtualKeyW
GetKeyNameTextW
LoadImageW
GetIconInfo
CopyImage
DrawIconEx
DestroyIcon
GetNextDlgGroupItem
SetRectEmpty
IsRectEmpty
WindowFromPoint
GetWindowThreadProcessId
EndPaint
BeginPaint
GrayStringW
DrawTextExW
TabbedTextOutW
LoadMenuW
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
GetDlgItemInt
CheckDlgButton
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MonitorFromWindow
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
SetMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
ValidateRect
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
PostQuitMessage
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
SetFocus
GetMenuState
GetMenuStringW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
InflateRect
RedrawWindow
UpdateWindow
GetWindowDC
MessageBoxExW
RegisterWindowMessageW
GetWindowLongW
GetSysColor
DrawFocusRect
DrawFrameControl
DrawTextW
RegisterClassW
LoadCursorW
SetCursor
FillRect
TrackMouseEvent
GetParent
CopyRect
ShowWindow
IsWindowVisible
RegisterHotKey
PtInRect
GetCursorPos
CharUpperBuffW
FrameRect
RegisterClipboardFormatW
MonitorFromPoint
GetMonitorInfoW
SendMessageW
EnableWindow
GetWindowRect
OffsetRect
UnpackDDElParam
SetWindowPos
ReleaseCapture
IsWindow
UnregisterHotKey
GetSystemMetrics
LoadIconW
SetParent
GetDesktopWindow
SetCapture
GetActiveWindow
ScreenToClient
ClientToScreen
IsZoomed
IsIconic
AppendMenuW
TranslateMessage
GetMessageW
ShowOwnedPopups
MapDialogRect
SetWindowContextHelpId
WaitMessage
CharUpperW
GetWindowRgn
DestroyCursor
SubtractRect
GetUpdateRect
CreatePopupMenu
DrawIcon
KillTimer
SetTimer
GetSystemMenu
EnableMenuItem
ReleaseDC
GetDC
GetClientRect
PostMessageW
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyExW
PostThreadMessageW
IsCharLowerW
ReuseDDElParam
InsertMenuItemW
InvalidateRect
SetWindowLongW
TranslateAcceleratorW
GetDoubleClickTime
CopyIcon
LockWindowUpdate
BringWindowToTop
SetCursorPos
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
SetClassLongW
DestroyAcceleratorTable
HideCaret
InvertRect
UnregisterClassW
InvalidateRgn
CopyAcceleratorTableW
CharNextW
RealChildWindowFromPoint
SetRect
IsClipboardFormatAvailable
GetMenuDefaultItem
SetMenuDefaultItem
NotifyWinEvent
MessageBeep
DeleteMenu
IsMenu
GetAsyncKeyState
UpdateLayeredWindow
EnableScrollBar
UnionRect
SetWindowRgn
DrawEdge
EmptyClipboard
CloseClipboard
SetClipboardData
OpenClipboard
SetLayeredWindowAttributes
EnumDisplayMonitors
GetSysColorBrush
SetScrollInfo
gdi32
CreateBitmap
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
SetTextAlign
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
CreatePatternBrush
SelectPalette
GetObjectType
CreateHatchBrush
SetBkColor
CreateRectRgnIndirect
PatBlt
CreateFontIndirectW
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetTextMetricsW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
RealizePalette
SetPixel
CreateEllipticRgn
GetBkColor
GetTextColor
Polyline
Ellipse
Polygon
CreateRoundRectRgn
GetRgnBox
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
OffsetRgn
EnumFontFamiliesExW
ExtFloodFill
SetPaletteEntries
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
FillRgn
FrameRgn
GetBoundsRect
SetPixelV
GetTextFaceW
CopyMetaFileW
CreateDCW
GetDeviceCaps
Rectangle
SetStretchBltMode
CreateSolidBrush
SetTextColor
CreateFontW
PtInRegion
CreatePolygonRgn
CreatePen
MoveToEx
LineTo
CreateDIBSection
GetObjectW
SetDIBColorTable
SetBkMode
DeleteObject
StretchBlt
SelectObject
DeleteDC
StretchDIBits
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32W
GetStockObject
msimg32
TransparentBlt
AlphaBlend
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
RegEnumKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyW
RegCloseKey
RegEnumValueW
RegQueryValueW
shell32
DragQueryFileW
SHBrowseForFolderW
Shell_NotifyIconW
ShellExecuteW
SHGetFileInfoW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
DragFinish
SHAppBarMessage
comctl32
ImageList_GetIconSize
shlwapi
PathFileExistsW
PathFindFileNameW
PathIsDirectoryW
PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
ole32
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoCreateGuid
CoInitializeEx
CoCreateInstance
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
OleGetClipboard
CoRegisterMessageFilter
CoRevokeClassObject
StgOpenStorageOnILockBytes
oleaut32
VariantChangeType
VariantInit
SysAllocString
VariantCopy
VariantClear
SafeArrayDestroy
SysStringLen
VarBstrFromDate
OleCreateFontIndirect
SysAllocStringLen
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
oledlg
OleUIBusyW
urlmon
URLDownloadToFileW
ws2_32
send
getsockopt
recvfrom
recv
WSAGetLastError
select
__WSAFDIsSet
accept
ioctlsocket
connect
bind
htonl
WSAStartup
WSACleanup
socket
sendto
getsockname
closesocket
WSAAsyncSelect
WSASetLastError
gethostbyname
inet_addr
ntohl
ntohs
htons
inet_ntoa
gdiplus
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCreateBitmapFromFile
GdipCreateBitmapFromHBITMAP
GdipSetInterpolationMode
GdipSetSmoothingMode
GdipCreateFromHDC
GdipDisposeImage
GdiplusShutdown
GdiplusStartup
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipLoadImageFromFile
iphlpapi
GetAdaptersInfo
zlibwapi
ord72
ord68
ord79
ord62
ord63
ord67
ord64
ord61
ord66
draw
draw_display_yuv420
draw_destroy
draw_create
swscale-2
sws_freeContext
sws_scale
sws_getContext
ice_ipcsdk
ICE_IPCSDK_SetImagingSettings
ICE_IPCSDK_GetImagingSettings
ICE_IPCSDK_SetExpAttr
ICE_IPCSDK_GetExpAttr
ICE_IPCSDK_GetEncoderSettings
ICE_IPCSDK_SetEncoderSettings
ICE_IPCSDK_GetNTPCfg
ICE_IPCSDK_SetNTPCfg
ICE_IPCSDK_GetTime
ICE_IPCSDK_SetSDCfg
ICE_IPCSDK_GetSDCfg
ICE_IPCSDK_SDUnload
ICE_IPCSDK_LogConfigEx
ICE_IPCSDK_Capture
ICE_IPCSDK_GetOSDCfg
ICE_IPCSDK_SetOSDCfg
ICE_IPCSDK_GetPhyChnCfg
ICE_IPCSDK_SetPhyChnCfg
ICE_IPCSDK_GetOfflineMulticast_Config
ICE_IPCSDK_SetOfflineMulticast_Config
ICE_IPCSDK_GetIPAddr
ICE_IPCSDK_GetDNSAddr
ICE_IPCSDK_SetDNSAddr
ICE_IPCSDK_SetIPAddr
ICE_IPCSDK_GetStatus
ICE_IPCSDK_SetTime
ICE_IPCSDK_SyncTime
ICE_IPCSDK_Reboot
ICE_IPCSDK_SetAutoRebootParam
ICE_IPCSDK_GetAutoRebootParam
ICE_IPCSDK_GetUID
ICE_IPCSDK_GetMainSubModeParam
ICE_IPCSDK_SetMainSubModeParam
ICE_IPCSDK_Close
ICE_IPCSDK_Open_Passwd_Ex2
ICE_IPCSDK_Open_Passwd_Ex
ICE_IPCSDK_SetPlateCallback
ICE_IPCSDK_SetFlasePlateCallback
ICE_IPCSDK_SetDeviceEventCallBack
ICE_SDK_SetParam
ICE_IPCSDK_SetVDCParam
ICE_IPCSDK_GetVDCParam
ICE_IPCSDK_SetHDTriggerParam
ICE_IPCSDK_GetHDTriggerParam
ICE_IPCSDK_SetARegCfg
ICE_IPCSDK_GetARegCfg
ICE_IPCSDK_Fini
ICE_IPCSDK_Init
ICE_IPCSDK_LogConfig
ICE_IPCSDK_StartRecord
ICE_IPCSDK_StopRecord
ICE_IPCSDK_TriggerExt
ICE_IPCSDK_SetStrobeLightParam
ICE_IPCSDK_GetStrobeLightParam
ICE_IPCSDK_ControlAlarmOut
ICE_IPCSDK_SetLEDParam
ICE_IPCSDK_GetLEDParam
ICE_SDK_GetParam
version
VerQueryValueW
GetFileVersionInfoW
oleacc
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
wininet
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetCloseHandle
HttpQueryInfoW
InternetWriteFile
InternetQueryDataAvailable
InternetSetOptionExW
InternetQueryOptionW
DeleteUrlCacheEntryW
HttpOpenRequestW
InternetReadFile
HttpSendRequestW
InternetConnectW
imm32
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext
winmm
PlaySoundW
Sections
.text Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 537KB - Virtual size: 536KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 30KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 111KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 248KB - Virtual size: 248KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ