Static task: static1
Behavioral task: behavioral1
  Sample: 30ef5338e210a01d6204530a0982023058320a7d65dbe683c7fae93202caafed.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: 30ef5338e210a01d6204530a0982023058320a7d65dbe683c7fae93202caafed.exe
  Resource: win10v2004-20230915-en
General
Target: 30ef5338e210a01d6204530a0982023058320a7d65dbe683c7fae93202caafed
Size: 2.5MB
MD5: 0e68a1f03ad14efd518403cd2ff4320c
SHA1: 64a5f9478294c5f678e8357d0960624d7119aec7
SHA256: 30ef5338e210a01d6204530a0982023058320a7d65dbe683c7fae93202caafed
SHA512: 19a08c63fcb7ceea2eaad1681b72eabe2c93eaaf9d2d8c7afb5ea6b0f9628692131860ee20c6a93ad5382ae69eb70dfeafdd7b88ef4b5e0b147598eb3fc56610
SSDEEP: 49152:vfxsIuCJITm9x/qdwikdILjdu/qyMNeIJtIvDCzkfFD97MecnbLrz9qJUKlbd:vfxsIuCJITm9FqdwikqLxui1NeIJtIFD
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: 30ef5338e210a01d6204530a0982023058320a7d65dbe683c7fae93202caafed
Files
30ef5338e210a01d6204530a0982023058320a7d65dbe683c7fae93202caafed.exe (windows:6 windows x86)
  c44b7f4da48b6722dcfb4ef3f5aff304
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileW
FindFirstFileExA
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
IsValidCodePage
SetFilePointerEx
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetTimeZoneInformation
LCMapStringW
WriteConsoleW
GetDateFormatW
GetStdHandle
ExitProcess
QueryPerformanceFrequency
HeapQueryInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
GetCommandLineW
GetCommandLineA
GetFileType
SetStdHandle
VirtualQuery
VirtualAlloc
GetSystemInfo
RtlUnwind
OutputDebugStringW
GetTimeFormatW
FindClose
SizeofResource
LockResource
LoadResource
FindResourceW
ResetEvent
PurgeComm
DeleteFileA
CloseHandle
CreateEventA
GetTickCount
CreateFileA
GetModuleFileNameA
SetEvent
Sleep
FindResourceA
InitializeCriticalSection
EnterCriticalSection
SetCommTimeouts
SetCommMask
GetCommState
SetCommState
LeaveCriticalSection
WaitCommEvent
GetLastError
ClearCommError
WaitForMultipleObjects
GetCommMask
ResumeThread
SuspendThread
FormatMessageA
LocalFree
WriteFile
GetOverlappedResult
WaitForSingleObject
ReadFile
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
OutputDebugStringA
SetLastError
FreeResource
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GlobalLock
GlobalUnlock
GlobalFree
LoadLibraryW
InitializeCriticalSectionAndSpinCount
EncodePointer
GetCurrentThreadId
GetSystemDirectoryW
FreeLibrary
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
LoadLibraryA
GlobalAddAtomA
GlobalFindAtomA
GlobalGetAtomNameA
MultiByteToWideChar
CompareStringA
GlobalAlloc
GlobalSize
MulDiv
CopyFileA
GetCurrentProcessId
GetVersionExA
FileTimeToLocalFileTime
WideCharToMultiByte
FindFirstFileA
FindNextFileA
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetCurrentThread
lstrcmpA
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
SetThreadPriority
GetACP
GlobalFlags
lstrcpyA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalAlloc
LocalReAlloc
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
VirtualProtect
GetOEMCP
GetCPInfo
GetThreadLocale
FlushFileBuffers
GetFileSize
GetFullPathNameA
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetCurrentProcess
lstrcmpiA
GetVolumeInformationA
GetFileAttributesA
GetFileAttributesExA
GetFileSizeEx
GetFileTime
GetCurrentDirectoryA
GetWindowsDirectoryA
VerSetConditionMask
VerifyVersionInfoA
FindResourceExW
SetErrorMode
GetTempPathA
GetTempFileNameA
GetProfileIntA
SearchPathA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
WaitForSingleObjectEx
CreateEventW
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
user32
GetIconInfo
DrawIconEx
LoadImageA
DrawFocusRect
GetMenuDefaultItem
CreatePopupMenu
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
InvalidateRgn
CopyAcceleratorTableA
CharNextA
KillTimer
SetTimer
DeleteMenu
LoadCursorW
ReleaseCapture
SetCapture
WaitMessage
CharUpperA
GetAsyncKeyState
LoadCursorA
GetSysColorBrush
CopyImage
LoadImageW
DestroyIcon
TrackMouseEvent
RealChildWindowFromPoint
WindowFromPoint
IntersectRect
SystemParametersInfoA
InflateRect
GetMenuItemInfoA
DestroyMenu
SetCursor
ShowOwnedPopups
GetCursorPos
GetMessageA
MapDialogRect
SetWindowContextHelpId
PostQuitMessage
GetWindowThreadProcessId
FillRect
ClientToScreen
GetWindowDC
LoadBitmapW
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
RemoveMenu
InsertMenuA
GetMenuState
GetMenuStringA
IsDialogMessageA
SetWindowTextA
CheckDlgButton
MoveWindow
ShowWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameA
GetClassLongA
SetWindowLongA
PtInRect
EqualRect
CopyRect
MapWindowPoints
EnableScrollBar
AdjustWindowRectEx
GetWindowTextLengthA
GetWindowTextA
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
HideCaret
InvertRect
NotifyWinEvent
EnableWindow
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
LoadIconW
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
MapVirtualKeyA
GetKeyNameTextA
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongA
SetWindowRgn
SetParent
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
DrawStateA
DrawEdge
DrawFrameControl
SetWindowPos
IsChild
IsZoomed
LoadMenuW
BringWindowToTop
SetCursorPos
UpdateLayeredWindow
CopyIcon
FrameRect
LoadAcceleratorsA
GetSystemMenu
AppendMenuA
GetWindowRect
GetSystemMetrics
IsIconic
DrawIcon
SetRect
GetSysColor
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetDlgCtrlID
MessageBoxA
TranslateMessage
UnregisterClassA
GetDC
ReleaseDC
IsWindow
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongA
GetDesktopWindow
GetParent
SendDlgItemMessageA
SetRectEmpty
OffsetRect
RegisterWindowMessageA
GetMessagePos
GetMessageTime
PostMessageA
DefWindowProcA
CallWindowProcA
RegisterClassA
GetClassInfoA
GetClassInfoExA
CreateWindowExA
IsMenu
TranslateAcceleratorA
LoadMenuA
InsertMenuItemA
UnpackDDElParam
ReuseDDElParam
RegisterClipboardFormatA
UnionRect
SendMessageA
FindWindowA
GetClientRect
InvalidateRect
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
CharUpperBuffA
ModifyMenuA
GetDoubleClickTime
SetMenuDefaultItem
LockWindowUpdate
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
MapVirtualKeyExA
IsCharLowerA
GetKeyboardLayout
PostThreadMessageA
GetComboBoxInfo
MonitorFromPoint
ScreenToClient
UpdateWindow
gdi32
GetTextFaceA
GetViewportOrgEx
GetWindowOrgEx
SetPixelV
SetPaletteEntries
ExtFloodFill
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
RoundRect
OffsetRgn
EnumFontFamiliesExA
CreateRoundRectRgn
Polyline
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
GetTextCharsetInfo
EnumFontFamiliesA
CreateDIBitmap
RealizePalette
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
GetRgnBox
GetTextColor
GetTextMetricsA
SetRectRgn
PatBlt
CreateRectRgnIndirect
CombineRgn
GetTextExtentPoint32A
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
MoveToEx
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
SelectPalette
SelectObject
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetStockObject
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
DeleteObject
CreateRectRgn
CreatePatternBrush
CreateHatchBrush
CreateBitmap
CreateDCA
CopyMetaFileA
SetTextColor
SetBkColor
DeleteDC
GetDIBits
GetDeviceCaps
Escape
ExtTextOutA
RectVisible
PtVisible
TextOutA
CreateFontA
CreatePolygonRgn
Polygon
Arc
CreatePen
Rectangle
CreateSolidBrush
BitBlt
GetBkColor
DPtoLP
GetMapMode
CreateCompatibleBitmap
LPtoDP
CreateCompatibleDC
CreateFontIndirectA
GetObjectA
msimg32
AlphaBlend
TransparentBlt
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
SystemFunction036
RegEnumValueA
RegCloseKey
RegEnumKeyExA
RegQueryValueA
RegEnumKeyA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
SHGetFileInfoA
SHGetPathFromIDListA
SHAppBarMessage
SHBrowseForFolderA
DragFinish
DragQueryFileA
ShellExecuteA
SHGetDesktopFolder
SHGetSpecialFolderLocation
comctl32
InitCommonControlsEx
shlwapi
PathFindFileNameA
PathRemoveFileSpecW
StrFormatKBSizeA
PathStripToRootA
PathFindExtensionA
PathIsUNCA
uxtheme
GetThemeSysColor
IsAppThemed
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
DrawThemeText
DrawThemeParentBackground
OpenThemeData
CloseThemeData
DrawThemeBackground
GetThemeColor
GetCurrentThemeName
GetThemePartSize
ole32
CoDisconnectObject
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
CoRevokeClassObject
CoRegisterMessageFilter
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
oleaut32
SysAllocString
VariantCopy
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysAllocStringByteLen
VarBstrFromDate
LoadTypeLi
OleCreateFontIndirect
SysFreeString
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
oledlg
ord8
winmm
timeKillEvent
PlaySoundA
timeSetEvent
gdiplus
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageRectI
GdipGetImagePaletteSize
GdipDrawImageI
oleacc
AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
Sections
.text Size: 1.5MB - Virtual size: 1.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 335KB - Virtual size: 334KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 575KB - Virtual size: 574KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 130KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ