030c1c8322f1d7be57714499a389f738685d8e6e08737eced9b8030688bc3c1a

Sharing

Copy URL Twitter E-mail

General

Target

030c1c8322f1d7be57714499a389f738685d8e6e08737eced9b8030688bc3c1a
Size

656KB
MD5

c3a03c7ccc8364f30bf9e26ecb6800e1
SHA1

1a9fce483a10c9f1674d8b522fe35b46e775e8e9
SHA256

030c1c8322f1d7be57714499a389f738685d8e6e08737eced9b8030688bc3c1a
SHA512

bd9e335bda8be0a00e0d98e805763b4682f6819bb3b6a30e1f3ca085aae20c6d824f74799599a63bddc1a1c0533fab8d5fd0ce5f2b46acc873fb5e6cf2e7ee01
SSDEEP

12288:04Maui+DJhpGKIzbZC7mB+Gkp+emCCYKMRMhKZCrk3yMKjk0nT9T7O:DCJhpGDfZC7mDxyC7fN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
030c1c8322f1d7be57714499a389f738685d8e6e08737eced9b8030688bc3c1a

Files

030c1c8322f1d7be57714499a389f738685d8e6e08737eced9b8030688bc3c1a
.dll regsvr32 windows:4 windows x86 arch:x86

4455f0854dfaf14562d653fcc75662b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA

setupapi

SetupIterateCabinetA

kernel32

WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryA
GetTempPathA
SetCurrentDirectoryA
LoadLibraryA
DebugBreak
GlobalUnlock
GlobalLock
FreeLibrary
lstrcpyA
lstrcatA
GetModuleFileNameA
WaitForSingleObject
ResetEvent
CreateEventA
RemoveDirectoryA
DeleteFileA
MoveFileExA
WriteFile
CreateFileA
CopyFileA
MoveFileA
GetTempFileNameA
FindFirstFileA
FindNextFileA
FindClose
GlobalFree
GlobalAlloc
lstrcmpA
GetVersion
Sleep
GetTickCount
GetShortPathNameA
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
ReadFile
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
GetDriveTypeA
UnhandledExceptionFilter
TlsGetValue
TlsFree
lstrlenW
HeapCreate
GetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
GetStringTypeW
GetStringTypeA
HeapSize
TerminateProcess
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetCommandLineA
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetFullPathNameA
GetCurrentDirectoryA
SetEnvironmentVariableA
ExitThread
TlsSetValue
CreateThread
ResumeThread
HeapReAlloc
RtlUnwind
LocalFree
InterlockedExchange
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapFree
GetProcessHeap
HeapAlloc
CloseHandle
GetCurrentThread
GetVersionExA
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrlenA
InterlockedIncrement
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetModuleFileNameW
LoadLibraryW
OutputDebugStringA
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEndOfFile
CompareStringA
GetStartupInfoA
CompareStringW
LocalAlloc
SetFilePointer
TlsAlloc
LCMapStringA

user32

OffsetRect
GetMenuItemInfoA
EnableMenuItem
LoadMenuA
GetSubMenu
InsertMenuA
PeekMessageA
GetMessagePos
LoadBitmapA
DrawFrameControl
GetCursorPos
PostMessageA
CopyRect
ClientToScreen
GetAsyncKeyState
SetWindowRgn
DrawEdge
InflateRect
GetMenu
AdjustWindowRectEx
KillTimer
DrawTextA
LoadImageA
IsWindowVisible
SetWindowsHookExA
TrackPopupMenu
UnhookWindowsHookEx
IsWindowEnabled
GetDlgItem
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseCapture
DestroyAcceleratorTable
CreateAcceleratorTableA
GetDC
ReleaseDC
BeginPaint
FillRect
EndPaint
GetSysColor
GetWindowRect
SystemParametersInfoA
MapWindowPoints
EndDialog
GetDlgCtrlID
GetDesktopWindow
SetWindowPos
GetClientRect
GetWindow
GetSystemMetrics
UnregisterClassA
DialogBoxIndirectParamA
WindowFromPoint
CallNextHookEx
SetCursor
ScreenToClient
PtInRect
GetKeyState
DrawFocusRect
EndMenu
GetCapture
GetClassNameA
DestroyCursor
SetActiveWindow
SetFocus
GetWindowTextA
TranslateMessage
DispatchMessageA
GetWindowTextLengthA
CharUpperA
GetWindowLongA
CharNextA
wvsprintfA
CallWindowProcA
DefWindowProcA
SetTimer
LoadCursorFromFileA
CharLowerA
OpenClipboard
EmptyClipboard
CloseClipboard
MessageBoxA
CreateWindowExA
SetWindowLongA
LoadStringA
GetParent
GetClassInfoExA
RegisterClassExA
LoadCursorA
wsprintfA
ShowWindow
MoveWindow
SetWindowTextA
SendMessageA
GetFocus
IsWindow
DestroyWindow
DestroyMenu
CreatePopupMenu
AppendMenuA
RegisterWindowMessageA
UpdateWindow

gdi32

CreateFontA
ExtTextOutA
CreateRectRgn
SetBkMode
GetTextMetricsA
CreateBrushIndirect
CreateRectRgnIndirect
CreatePatternBrush
SelectClipRgn
GetClipBox
SetBkColor
RestoreDC
SaveDC
SetTextColor
GetTextExtentPointA
GetStockObject
GetObjectA
GetDeviceCaps
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
DeleteObject
GetTextExtentPoint32A
SelectObject

shell32

SHAddToRecentDocs
ShellExecuteA
DragQueryFileA
SHEmptyRecycleBinA

ole32

StringFromCLSID
CoTaskMemFree
OleLockRunning
CoTaskMemAlloc
CoCreateGuid
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
ReleaseStgMedium
RegisterDragDrop
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringLen
VariantInit
SysStringByteLen
SysAllocStringLen
SysAllocString
VariantClear
LoadTypeLi
OleCreateFontIndirect
LoadRegTypeLi
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
DispCallFunc
VariantCopy
VariantChangeType
SafeArrayPutElement
SafeArrayCreate
RegisterTypeLi

wininet

FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
FindCloseUrlCache

shlwapi

PathFileExistsA
PathRemoveFileSpecA

Exports

Exports

CanReload
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
TBStudioReg

Sections

.text
Size: 528KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4455f0854dfaf14562d653fcc75662b5

Headers

File Characteristics

Imports

winmm

setupapi

kernel32

user32

gdi32

shell32

ole32

oleaut32

wininet

shlwapi

Exports

Exports

Sections

.text Size: 528KB - Virtual size: 525KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 48KB - Virtual size: 58KB

.SHARED Size: 4KB - Virtual size: 2KB

.rsrc Size: 20KB - Virtual size: 19KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 528KB - Virtual size: 525KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 48KB - Virtual size: 58KB

.SHARED
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 20KB - Virtual size: 19KB

.reloc
Size: 24KB - Virtual size: 23KB