Static task
static1
Behavioral task
behavioral1
Sample
16cf2008a3b41efbf01d71ecc4cf0c7d2c8847e5c32be0e4d1c7be2fc3ca53a1.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
16cf2008a3b41efbf01d71ecc4cf0c7d2c8847e5c32be0e4d1c7be2fc3ca53a1.exe
Resource
win10v2004-20220812-en
General
-
Target
16cf2008a3b41efbf01d71ecc4cf0c7d2c8847e5c32be0e4d1c7be2fc3ca53a1
-
Size
188KB
-
MD5
96e1c0bd33f92cc63889d53156301f25
-
SHA1
5e949af1a29b1524752e2d2b12848885dced563c
-
SHA256
16cf2008a3b41efbf01d71ecc4cf0c7d2c8847e5c32be0e4d1c7be2fc3ca53a1
-
SHA512
cb61eb57fc4c560ba75b2cedec4fdc5b33d437f13945d1adca01ec5ba57ceaa6ad68eef97324c42f1218154246d71908b575b8dfd73eb41561f41b828a12ab16
-
SSDEEP
3072:569thn59dosUMRbCqM8LmqopplO/lSCXwwOjmkzPR7i7wI11/Lce:wT9dosDbCqMweplONlXwwOjdVbkxLc
Malware Config
Signatures
Files
-
16cf2008a3b41efbf01d71ecc4cf0c7d2c8847e5c32be0e4d1c7be2fc3ca53a1.exe windows x86
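Import hash (presumably the imphash; the page leaves this value unlabeled, and it differs from the file MD5 above): 5309c6ec19b7a81456ecafdc2d720d13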
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_itoa
_strnicmp
_strrev
free
malloc
_except_handler3
strcpy
rand
srand
_ftol
toupper
tolower
strcat
strlen
strncat
strchr
memset
wcstombs
memcpy
strcmp
__CxxFrameHandler
strncpy
strstr
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strlwr
_stricmp
_strupr
shlwapi
SHDeleteKeyA
advapi32
ChangeServiceConfig2A
GetUserNameA
GetServiceKeyNameA
GetServiceDisplayNameA
StartServiceA
ControlService
OpenSCManagerA
CreateServiceA
DeleteService
CloseServiceHandle
GetFileSecurityA
LookupAccountNameA
GetSecurityDescriptorDacl
GetAclInformation
GetAce
EqualSid
AddAce
GetSecurityDescriptorControl
SetFileSecurityA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
user32
CharNextA
wsprintfA
kernel32
CreateDirectoryA
GetStartupInfoA
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
SetUnhandledExceptionFilter
OpenEventA
ExpandEnvironmentStringsA
GetShortPathNameA
CreateEventA
WaitForSingleObject
GetModuleFileNameA
CreateFileA
WriteFile
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
MoveFileA
GetCurrentDirectoryA
GetTempPathA
GetWindowsDirectoryA
SetEnvironmentVariableA
ExitProcess
GetModuleHandleA
GetProcAddress
Sleep
GetProcessHeap
HeapAlloc
HeapFree
GetSystemDirectoryA
lstrcatA
GetTickCount
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
Process32Next
CloseHandle
SetFileAttributesA
DeleteFileA
lstrlenA
lstrcpyA
GetFileAttributesA
GetLastError
netapi32
NetUserGetLocalGroups
Sections
.text Size: 12KB - Virtual size: 11KB (the flags below mark this code section as both writable and executable)
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 164KB - Virtual size: 163KB (most of the 188KB file)
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ