Static task
static1
Behavioral task
behavioral1
Sample
b30a5d8280297b0cc5e709a00a653029c1c5e5d5e1a00f9c2fdfe2fa9c0b92e6N.exe
Resource
win7-20241010-en
General
Target: b30a5d8280297b0cc5e709a00a653029c1c5e5d5e1a00f9c2fdfe2fa9c0b92e6N.exe
Size: 1.3MB
MD5: 5ff92db1405f3855ccda86849598b250
SHA1: 04a684bfa0b59bbefd0f77555d5ad49748cc782d
SHA256: b30a5d8280297b0cc5e709a00a653029c1c5e5d5e1a00f9c2fdfe2fa9c0b92e6
SHA512: f144430133c6a30176526ee9c1242ddd41a5719c2068f470a15d9f4f87470a19530e701e7fb6698710378fa097fef0b627087a188efd6a8ae752593cb519196c
SSDEEP: 24576:re9svvw/1fKPSjAMHHTChtaV4n57CqckW36vy0rPW5:re9AfPS5n+htaGFcky0LW
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Processes: resource b30a5d8280297b0cc5e709a00a653029c1c5e5d5e1a00f9c2fdfe2fa9c0b92e6N.exe
Files
b30a5d8280297b0cc5e709a00a653029c1c5e5d5e1a00f9c2fdfe2fa9c0b92e6N.exe.exe windows:4 windows x86 arch:x86
faf5965290a57df446a71c98881467c3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiSetClassInstallParamsA
SetupDiCallClassInstaller
CM_Locate_DevNodeA
CM_Remove_SubTree
CM_Get_Sibling
CM_Get_Parent
CM_Get_DevNode_Registry_PropertyA
CM_Get_Child
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
kernel32
TlsGetValue
GetProcessVersion
GetCPInfo
GetOEMCP
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
SetErrorMode
lstrlenW
GetCurrentDirectoryA
GetTickCount
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetStartupInfoA
RaiseException
ExitThread
SetStdHandle
GetFileType
GetACP
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
FatalAppExitA
VirtualAlloc
IsBadWritePtr
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
LocalReAlloc
IsBadCodePtr
InterlockedExchange
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
TlsSetValue
GetProfileStringA
CreateDirectoryA
lstrcpyA
Sleep
WritePrivateProfileStringA
GetSystemDefaultLangID
GetLastError
OutputDebugStringA
CloseHandle
SetCommState
GetCommState
SetCommTimeouts
GetCommTimeouts
CreateFileA
ReadFile
WriteFile
SetThreadPriority
CreateThread
CreateEventA
SetPriorityClass
GetCurrentProcess
WaitForSingleObject
SetEvent
ResetEvent
FindClose
FindNextFileA
FindFirstFileA
SetCurrentDirectoryA
GetPrivateProfileStringA
GetPrivateProfileIntA
CopyFileA
GetLocalTime
DeleteFileA
GetFileAttributesA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
SizeofResource
GlobalFlags
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentThread
lstrcmpA
MulDiv
SetLastError
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
MoveFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
DuplicateHandle
FormatMessageA
SuspendThread
ResumeThread
MultiByteToWideChar
InterlockedDecrement
InterlockedIncrement
GetVersion
lstrcatA
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LockResource
FindResourceA
LoadResource
LocalFree
LocalAlloc
lstrlenA
GlobalFree
WideCharToMultiByte
GetSystemDirectoryA
GetDriveTypeA
GetModuleFileNameA
GetVersionExA
DeviceIoControl
GetExitCodeThread
TerminateThread
CreateProcessA
FreeLibrary
LoadLibraryA
IsBadReadPtr
user32
GetNextDlgGroupItem
MessageBeep
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
PostThreadMessageA
DestroyIcon
GetDialogBaseUnits
GetClassNameA
MapDialogRect
SetWindowContextHelpId
ShowOwnedPopups
DestroyMenu
IsClipboardFormatAvailable
WaitMessage
LoadStringA
WindowFromPoint
InflateRect
GrayStringA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GetMessageA
TranslateMessage
ValidateRect
OemToCharA
CharToOemA
wvsprintfA
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
MoveWindow
IsDialogMessageA
ScrollWindowEx
IsDlgButtonChecked
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
AdjustWindowRectEx
EqualRect
DeferWindowPos
BeginDeferWindowPos
EndDeferWindowPos
IsWindowVisible
ScrollWindow
SetRect
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CallNextHookEx
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetTimer
UnregisterClassA
HideCaret
ExcludeUpdateRgn
DefDlgProcA
IsWindowUnicode
KillTimer
EnableWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindowEnabled
CharUpperA
GetWindowLongA
SetWindowLongA
ReleaseDC
CreateWindowExA
MessageBoxA
GetDesktopWindow
ScreenToClient
GetCursorPos
PostQuitMessage
LoadImageA
CopyAcceleratorTableA
CharNextA
DeleteMenu
GetWindowThreadProcessId
RemoveMenu
GetMenuStringA
InsertMenuA
GetSysColorBrush
GetScrollInfo
LoadCursorA
GetDlgItem
ShowWindow
SetWindowPos
SetFocus
GetDC
SetWindowTextA
SetWindowsHookExA
SetDlgItemTextA
UnhookWindowsHookEx
LoadIconA
IsIconic
SendMessageA
GetSysColor
GetSystemMetrics
CopyRect
FillRect
DrawFocusRect
RedrawWindow
GetWindowRect
GetClientRect
UpdateWindow
InvalidateRect
GetFocus
GetParent
LoadBitmapA
SetCursor
IsWindow
OffsetRect
wsprintfA
GetKeyNameTextA
DestroyCaret
SetScrollPos
DragDetect
EnableScrollBar
SetScrollInfo
ReleaseCapture
GetKeyState
RegisterClipboardFormatA
EmptyClipboard
PtInRect
DrawTextA
SetCapture
CreateCaret
SetCaretPos
ShowCaret
DrawIcon
AppendMenuA
GetSystemMenu
PostMessageA
gdi32
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SaveDC
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
ExtCreatePen
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
ExtTextOutA
Escape
PatBlt
CreateRectRgnIndirect
GetMapMode
SetRectRgn
CombineRgn
DPtoLP
GetTextMetricsA
CopyMetaFileA
CreateDCA
GetTextColor
GetBkColor
LPtoDP
StartDocA
DeleteDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SetBoundsRect
GetCharWidthA
GetTextExtentPoint32A
TextOutA
SelectObject
CreateFontA
CreateCompatibleBitmap
GetViewportOrgEx
SetViewportOrgEx
DeleteObject
CreateSolidBrush
BitBlt
CreateCompatibleDC
GetStockObject
Rectangle
GetObjectA
CreateFontIndirectA
GetClipRgn
CreateDIBitmap
GetTextExtentPointA
CreatePen
comdlg32
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
winspool.drv
OpenPrinterA
ClosePrinter
DocumentPropertiesA
advapi32
RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyA
RegSetValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegCreateKeyA
RegCloseKey
RegQueryValueA
RegDeleteKeyA
shell32
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
ExtractIconA
comctl32
_TrackMouseEvent
ord17
ord13
ord14
ImageList_Destroy
ImageList_Create
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Write
oledlg
ord8
ole32
CoTaskMemFree
OleSetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleGetClipboard
CLSIDFromProgID
CLSIDFromString
CoDisconnectObject
OleDuplicateData
CoTaskMemAlloc
CreateBindCtx
SetConvertStg
WriteFmtUserTypeStg
WriteClassStg
OleRegGetUserType
ReadFmtUserTypeStg
ReadClassStg
StringFromCLSID
CoTreatAsClass
CreateStreamOnHGlobal
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoCreateInstance
OleRun
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRegisterClassObject
CoRevokeClassObject
ReleaseStgMedium
olepro32
ord253
oleaut32
SysFreeString
SysAllocStringLen
VariantClear
VariantTimeToSystemTime
SysStringLen
SysAllocStringByteLen
VariantCopy
VariantChangeType
SysReAllocStringLen
SysAllocString
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
LoadTypeLi
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
SysStringByteLen
VarCyFromStr
VarBstrFromCy
VarDateFromStr
VarBstrFromDate
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayDestroyData
SafeArrayDestroyDescriptor
wsock32
htons
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
gethostbyname
shutdown
htonl
closesocket
bind
ioctlsocket
accept
getsockname
getpeername
ntohs
inet_addr
WSAGetLastError
WSASetLastError
WSAStartup
WSACleanup
Sections
.text Size: 928KB - Virtual size: 924KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 120KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 136KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 4KB - Virtual size: 228B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rmnet Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE