030ae27ee5fab5053595f54abc478ab7943a7fb16fdcb7fea6525d398a00a4bd

Sharing

Copy URL Twitter E-mail

General

Target

030ae27ee5fab5053595f54abc478ab7943a7fb16fdcb7fea6525d398a00a4bd
Size

396KB
MD5

42ce6e0580d5ac9ce9bc49511b6a3e9c
SHA1

ec67b0bdcf04ce8c2cb07754463dd04f2d6d0074
SHA256

030ae27ee5fab5053595f54abc478ab7943a7fb16fdcb7fea6525d398a00a4bd
SHA512

1fe9bd6e1e7208f6bfe9178366c2052db556c8465c6895710f154b1314a0f78b2368ffdf9f9bda6da62e3cba3d5f5d8740422edab79d8b5714dcdf82c712ae1f
SSDEEP

6144:3ybelgIV7DRUyWhh0OgULhe/hDLZpS3PJVMAP:3ybelFV3RUvhh0OgUwYs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
030ae27ee5fab5053595f54abc478ab7943a7fb16fdcb7fea6525d398a00a4bd

Files

030ae27ee5fab5053595f54abc478ab7943a7fb16fdcb7fea6525d398a00a4bd
.exe windows:4 windows x86 arch:x86

a282e3085d1816f806d6614bd77d36ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

kernel32

RaiseException
HeapAlloc
ExitProcess
HeapFree
TerminateProcess
HeapSize
RtlUnwind
GetCommandLineA
GetTimeZoneInformation
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetStartupInfoA
SetHandleCount
HeapReAlloc
GetACP
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
SetUnhandledExceptionFilter
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
CreateFileA
WriteFile
DuplicateHandle
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetFileTime
GetFileSize
GetFileAttributesA
GetTickCount
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetEnvironmentVariableA
ReadFile
SetLastError
LoadLibraryA
FreeLibrary
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcpyA
GetModuleHandleA
GetProcAddress
GetCurrentProcess
GetVersionExA
GetLastError
GetStringTypeA
SetErrorMode
GetThreadLocale
GetProfileStringA
SizeofResource
GetOEMCP
GetCPInfo
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
WritePrivateProfileStringA
CloseHandle
GetModuleFileNameA
GlobalAlloc
GetCurrentThread
GlobalFree
lstrcpynA
lstrcmpA
FormatMessageA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
MulDiv
GetStringTypeW
GetStdHandle
GetFileType

user32

SetRectEmpty
GetNextDlgGroupItem
CharUpperA
InflateRect
RegisterClipboardFormatA
PostThreadMessageA
TranslateMessage
ValidateRect
ShowOwnedPopups
EndDialog
CreateDialogIndirectParamA
LoadStringA
BringWindowToTop
InvalidateRect
UnpackDDElParam
ReuseDDElParam
SetMenu
DestroyMenu
GetActiveWindow
GetDesktopWindow
SetCursor
ReleaseCapture
TranslateAcceleratorA
CopyAcceleratorTableA
SetRect
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
GetSysColorBrush
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
LoadAcceleratorsA
CharNextA
PostMessageA
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetFocus
AdjustWindowRectEx
ScreenToClient
PtInRect
GetClassNameA
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
IsWindowVisible
GetTopWindow
MessageBoxA
IsChild
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
SetWindowContextHelpId
GetLastActivePopup
GetForegroundWindow
SendMessageA
GetWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
IsIconic
GetWindowPlacement
GetSystemMetrics
ExitWindowsEx
MessageBeep
GetClientRect
FillRect
SystemParametersInfoA
GetWindowRect
FindWindowA
UpdateWindow
PostQuitMessage
LoadMenuA
GetSubMenu
GetCursorPos
SetForegroundWindow
LoadIconA
EnableWindow
LoadCursorA
MapDialogRect
EqualRect
GetMessageA
DeferWindowPos
IsWindow
SetActiveWindow
ModifyMenuA
DrawFocusRect
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode

gdi32

SetBkColor
SetTextColor
GetObjectA
GetClipBox
DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
IntersectClipRect
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetBkMode
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

DragQueryFileA
DragFinish
Shell_NotifyIconA

comctl32

ord17

oledlg

ord8

ole32

CoFreeUnusedLibraries
OleUninitialize
OleInitialize
CoTaskMemFree
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoTaskMemAlloc

olepro32

ord253

oleaut32

SysFreeString
SysStringLen
SysAllocStringByteLen
VariantChangeType
SysAllocString
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

lpxja
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 148KB - Virtual size: 144KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a282e3085d1816f806d6614bd77d36ce

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 20KB - Virtual size: 33KB

.rsrc Size: 20KB - Virtual size: 18KB

lpxja Size: 8KB - Virtual size: 4KB

Size: 148KB - Virtual size: 144KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 20KB - Virtual size: 33KB

.rsrc
Size: 20KB - Virtual size: 18KB

lpxja
Size: 8KB - Virtual size: 4KB