b30b0e955073d37687b9ca9c1170eaca6789b45e05459225886abf498663c18a[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

b30b0e955073d37687b9ca9c1170eaca6789b45e05459225886abf498663c18a.exe
Size

553KB
MD5

ada68107f0a2f2e809a2793ef591d6a1
SHA1

9fc310ad8ef6ea8d2520a1593adfb978dc166f4d
SHA256

b30b0e955073d37687b9ca9c1170eaca6789b45e05459225886abf498663c18a
SHA512

91a28fbdaaaf2166b341543f298a4594a860556f8eaadc3d717e49c46d4292e3e8c58bf9764d2823bee8c55a6bfba79b046da5a2abbf1d90b35a6171cc76145e
SSDEEP

12288:HpNWz8beHITmTmbA4yrRGsR5A5lcwFhpto/cT9uRzSI:HpC/mbANrr5MiwFhDoET9pI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
b30b0e955073d37687b9ca9c1170eaca6789b45e05459225886abf498663c18a.exe

Files

b30b0e955073d37687b9ca9c1170eaca6789b45e05459225886abf498663c18a.exe
.exe windows:5 windows x86 arch:x86

d6573ee33f5b2b7399ecc825eec0cd40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

install.pdb

Imports

kernel32

GetLastError
LeaveCriticalSection
UnmapViewOfFile
DeleteCriticalSection
GetTempPathW
GetCurrentProcess
GetCurrentThread
CreateDirectoryW
GetFileSize
WideCharToMultiByte
WriteFile
FlushFileBuffers
GetModuleFileNameW
GetCommandLineW
DeleteFileW
lstrlenA
MultiByteToWideChar
GetCurrentThreadId
ResetEvent
MapViewOfFile
FlushInstructionCache
WaitForMultipleObjects
FormatMessageW
MulDiv
lstrlenW
GetDriveTypeW
GlobalHandle
lstrcmpW
TerminateThread
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
lstrcmpiW
LoadLibraryExW
InterlockedExchange
HeapSetInformation
GetUserDefaultLangID
CreateFileMappingW
EnterCriticalSection
InitializeCriticalSection
SizeofResource
LockResource
LoadResource
FindResourceW
GetSystemDirectoryW
SetEvent
CreateThread
CreateEventW
Sleep
SetLastError
GetTickCount
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
GetProcAddress
GetVersionExW
LoadLibraryW
FreeLibrary
SetFilePointer
GlobalAlloc
LocalFree
LocalAlloc
GlobalUnlock
ReadFile
GlobalLock
GlobalReAlloc
GlobalFree
CloseHandle
RaiseException
CreateFileW
GetDriveTypeA
GetCurrentDirectoryA
ResumeThread
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
GetModuleHandleA
SetEndOfFile
FindClose
DuplicateHandle
GetSystemDefaultLCID
ReleaseMutex
IsProcessorFeaturePresent
GetProcessHeap
InterlockedCompareExchange
SetEnvironmentVariableA
CompareStringA
CreateFileA
GetTimeZoneInformation
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoA
GetStringTypeA
LCMapStringA
GetConsoleMode
GetConsoleCP
RtlUnwind
InitializeCriticalSectionAndSpinCount
HeapSize
GetOEMCP
GetACP
HeapReAlloc
VirtualAlloc
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleFileNameA
GetStdHandle
ExitProcess
SetUnhandledExceptionFilter
GetLocalTime
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
LoadLibraryA

gdi32

GetStockObject
CreateSolidBrush
GetObjectW
GetTextExtentPoint32W
CreateCompatibleBitmap
CreateFontIndirectW
GetDeviceCaps
SetBkMode
SetTextColor
SetBkColor
CreatePalette
DeleteObject
SetDIBitsToDevice
PatBlt
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateDIBitmap
RealizePalette
SelectPalette

comctl32

ImageList_ReplaceIcon
_TrackMouseEvent
ImageList_Create
InitCommonControlsEx
ImageList_Destroy

imm32

ImmGetContext
ImmAssociateContext
ImmReleaseContext

ole32

OleLockRunning
CreateStreamOnHGlobal
CoCreateInstance
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleInitialize
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
OleUninitialize
CoUninitialize
CoInitialize
CoTaskMemRealloc

oleaut32

SysAllocStringByteLen
SysFreeString
SysAllocString
OleCreateFontIndirect
SysStringLen
LoadRegTypeLi
LoadTypeLi
VariantClear
VariantInit
SysAllocStringLen
VarBstrCmp
VarUI4FromStr
SysStringByteLen

shell32

SHGetSpecialFolderLocation
SHGetDesktopFolder
ShellExecuteW

shlwapi

PathCombineW
PathIsRootW
PathStripToRootW
PathRemoveBackslashW
PathAddBackslashW
PathRemoveBlanksW
PathCanonicalizeW

user32

PtInRect
ScreenToClient
GetActiveWindow
DialogBoxIndirectParamW
DestroyAcceleratorTable
InvalidateRgn
FillRect
ReleaseCapture
SetCapture
MoveWindow
ClientToScreen
CreateAcceleratorTableW
RedrawWindow
GetClassNameW
IsChild
EndPaint
BeginPaint
GetWindowTextLengthW
RegisterWindowMessageW
LoadImageW
DestroyIcon
SetWindowContextHelpId
MapDialogRect
UnregisterClassA
ShowWindow
SystemParametersInfoW
SetTimer
GetWindow
GetWindowLongW
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
GetParent
GetCursorPos
MapWindowPoints
SetWindowPos
LoadIconW
GetDesktopWindow
GetSystemMenu
EnableMenuItem
SetFocus
GetFocus
SendMessageW
DestroyWindow
DefWindowProcW
ExitWindowsEx
CharPrevW
CharNextW
DispatchMessageW
TranslateMessage
PeekMessageW
MsgWaitForMultipleObjects
ReleaseDC
GetDC
PostQuitMessage
IsDlgButtonChecked
GetSysColorBrush
InvalidateRect
SetCursor
DrawFocusRect
DrawTextW
GetDlgItem
SetDlgItemTextW
SendDlgItemMessageW
SetWindowTextW
CallWindowProcW
SetWindowLongW
DialogBoxParamW
CreateDialogParamW
CreateWindowExW
LoadCursorW
GetClassInfoExW
RegisterClassExW
MessageBoxW
IsWindow
GetWindowTextW
EnableWindow
GetCursor
EndDialog
GetSysColor
GetClientRect
KillTimer
PostMessageW
IsDialogMessageW
GetSystemMetrics

setupapi

SetupIterateCabinetW

Sections

.text
Size: 490KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.zero
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6573ee33f5b2b7399ecc825eec0cd40

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

comctl32

imm32

ole32

oleaut32

shell32

shlwapi

user32

setupapi

Sections

.text Size: 490KB - Virtual size: 489KB

.data Size: 8KB - Virtual size: 30KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 38KB - Virtual size: 37KB

.zero Size: 4KB - Virtual size: 3KB

.text
Size: 490KB - Virtual size: 489KB

.data
Size: 8KB - Virtual size: 30KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 38KB - Virtual size: 37KB

.zero
Size: 4KB - Virtual size: 3KB