30f53707d7e044e49385a0891e7b6c3e9efad8946c60abf290b8df8073e1eb8c

Sharing

Copy URL

Twitter E-mail

General

Target

30f53707d7e044e49385a0891e7b6c3e9efad8946c60abf290b8df8073e1eb8c
Size

2.3MB
MD5

eb25ea5145847d434409f2567f40c9a6
SHA1

b7faf8e85f60c1ca9de4f6e925f877fecd925965
SHA256

30f53707d7e044e49385a0891e7b6c3e9efad8946c60abf290b8df8073e1eb8c
SHA512

ebc1a50adfe333f5108c4a2676604517e27917e868802e9e4aa41e14f9e94c876a429984de78a0a06558b77521d1fccee75efd7c5758c08426d59d246053429b
SSDEEP

49152:B3bVCvVKEys1qJiwHvwjFGDHwToAlpLUS2WqdU:B3bVQQEys1qJi2wjYjwToAlpL/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30f53707d7e044e49385a0891e7b6c3e9efad8946c60abf290b8df8073e1eb8c

Files

30f53707d7e044e49385a0891e7b6c3e9efad8946c60abf290b8df8073e1eb8c
.dll regsvr32 windows:4 windows x86 arch:x86

2d0d798ed12e671d1266d40127cae877

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42d

ord945
ord943
ord2640
ord2256
ord985
ord685
ord493
ord812
ord2129
ord3482
ord3552
ord706
ord5077
ord3702
ord1880
ord1860
ord4415
ord3231
ord1033
ord4130
ord1789
ord2661
ord4227
ord4229
ord3366
ord3826
ord4239
ord4215
ord4408
ord2340
ord2481
ord2584
ord3691
ord2473
ord2585
ord2341
ord2432
ord2339
ord3143
ord3144
ord3142
ord738
ord3367
ord3784
ord3657
ord2021
ord1285
ord4492
ord2986
ord528
ord728
ord3244
ord2104
ord986
ord4333
ord4330
ord714
ord1510
ord590
ord592
ord4123
ord344
ord342
ord726
ord285
ord1192
ord551
ord1166
ord1164
ord1186
ord1129
ord1179
ord1101
ord1157
ord333
ord719
ord1041
ord1114
ord1087
ord1191
ord1189
ord1110
ord523
ord987
ord3043
ord2259
ord3555
ord702
ord899
ord3403
ord5016
ord5019
ord813
ord3554
ord490
ord485
ord284
ord550
ord711
ord824
ord492
ord721
ord684
ord1787
ord487
ord734
ord880
ord1136
ord4405
ord903
ord901
ord736
ord2431
ord2168
ord1050

msvcrtd

_malloc_dbg
_adjust_fdiv
_CxxThrowException
wcslen
_initterm
_free_dbg
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
strcpy
_vsnprintf
memcmp
_purecall
_CrtDbgReport
memset
memcpy
atoi
atol
atof
fabs
_chkesp
__CxxFrameHandler

kernel32

LocalAlloc
GetPrivateProfileStringA
GetComputerNameA
OutputDebugStringA
WideCharToMultiByte
lstrcatA
LoadLibraryA
GetProcAddress
FreeLibrary
lstrlenW
MultiByteToWideChar
InterlockedExchange
GetModuleHandleA
GetShortPathNameA
lstrlenA
HeapDestroy
InterlockedIncrement
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
lstrcpyA
RaiseException
GetLastError
GetModuleFileNameA
LocalFree

user32

CharNextA
MessageBoxA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

mfco42d

ord904
ord589
ord340
ord1059
ord388
ord1197
ord1412
ord640
ord717
ord736
ord740
ord2662
ord319
ord321
ord1987
ord2663
ord332
ord1758
ord846
ord1547
ord331
ord2061
ord796
ord614

ole32

CoCreateInstance
OleRun

oleaut32

SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
VariantChangeType
VariantInit
VariantCopy
SysAllocString
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysFreeString
SetErrorInfo
GetErrorInfo
CreateErrorInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d0d798ed12e671d1266d40127cae877

Headers

File Characteristics

Imports

mfc42d

msvcrtd

kernel32

user32

advapi32

mfco42d

ole32

oleaut32

Exports

Exports

Sections

.text Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 172KB - Virtual size: 170KB

.data Size: 8KB - Virtual size: 8KB

.idata Size: 8KB - Virtual size: 4KB

.didat Size: 4KB - Virtual size: 1KB

.rsrc Size: 52KB - Virtual size: 51KB

.reloc Size: 44KB - Virtual size: 41KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 172KB - Virtual size: 170KB

.data
Size: 8KB - Virtual size: 8KB

.idata
Size: 8KB - Virtual size: 4KB

.didat
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 52KB - Virtual size: 51KB

.reloc
Size: 44KB - Virtual size: 41KB