16ef680c1a5c07dc812a7471d2fb8e7c726bff691ac92dc7038ee6fb4bcfcd8c

Sharing

Copy URL Twitter E-mail

General

Target

16ef680c1a5c07dc812a7471d2fb8e7c726bff691ac92dc7038ee6fb4bcfcd8c
Size

176KB
MD5

54cae63bd780e982afb298461ba942f5
SHA1

818c2723b583baa0bce65d7e781a0eeba2041a61
SHA256

16ef680c1a5c07dc812a7471d2fb8e7c726bff691ac92dc7038ee6fb4bcfcd8c
SHA512

981dec08ad612e10121585b3299c039a2f16b29e65c9814741e69b2f772b80f46a52d2d4fce8476080cdcf550c775783be6af509288be97ca26b74fb3c2ec442
SSDEEP

3072:HjEVF/pstBaDqwONnct43rBl3N2USIctRMk:4VF/p/uwONct43T92USjtR

Score

N/A

Malware Config

Signatures

Files

16ef680c1a5c07dc812a7471d2fb8e7c726bff691ac92dc7038ee6fb4bcfcd8c
.exe windows x86

020552b899821979653c0e4eb591b354

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc140u

ord6566
ord3882
ord9209
ord6973
ord4886
ord3941
ord12124
ord5935
ord13703
ord3838
ord12089
ord8210
ord2304
ord12143
ord4491
ord12142
ord4599
ord11714
ord8207
ord8230
ord5023
ord13614
ord644
ord7296
ord782
ord1320
ord11990
ord3117
ord13144
ord9574
ord9036
ord9151
ord9099
ord3388
ord3425
ord9062
ord9751
ord8999
ord12949
ord13888
ord12829
ord3003
ord13208
ord14025
ord2404
ord8631
ord8616
ord5271
ord8464
ord2246
ord10250
ord10288
ord4815
ord296
ord6489
ord5763
ord3164
ord3404
ord3403
ord4092
ord10472
ord11396
ord11015
ord9040
ord1111
ord9210
ord2760
ord13752
ord6218
ord12131
ord12219
ord12251
ord8217
ord12239
ord5918
ord3852
ord13248
ord6349
ord14668
ord6350
ord14669
ord6348
ord14667
ord8000
ord12531
ord14466
ord11982
ord11983
ord2034
ord7941
ord12947
ord4090
ord4152
ord9398
ord14595
ord7922
ord14589
ord12541
ord12542
ord2486
ord10144
ord10147
ord10151
ord5357
ord8324
ord12865
ord12928
ord10433
ord12247
ord8386
ord7653
ord8470
ord2322
ord1113
ord6533
ord462
ord12173
ord9235
ord7495
ord1915
ord6861
ord996
ord1473
ord4590
ord8461
ord2801
ord13007
ord11893
ord14216
ord8974
ord9208
ord8479
ord14308
ord12583
ord5652
ord11725
ord11726
ord9139
ord11936
ord14588
ord8965
ord6978
ord11002
ord3266
ord13878
ord12262
ord12258
ord1722
ord1744
ord1770
ord1756
ord1777
ord4936
ord5003
ord4948
ord4966
ord4960
ord4954
ord5013
ord4997
ord4942
ord5019
ord4974
ord4912
ord4927
ord4988
ord4502
ord5790
ord9693
ord4494
ord3055
ord14590
ord7923
ord14596
ord6877
ord11717
ord2682
ord3371
ord3372
ord3265
ord12168
ord5249
ord5549
ord5760
ord9350
ord5525
ord5252
ord5411
ord5228
ord7722
ord7723
ord7712
ord1045
ord3305
ord3302
ord10255
ord2383
ord2178
ord14785
ord10285
ord10287
ord10286
ord10284
ord5409
ord8219
ord1513
ord1511
ord2409

kernel32

CloseHandle
Sleep
VirtualAlloc
ReadFile
GetFileSize
OutputDebugStringW
LocalFree
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
CreateFileA
CreateEventW
GetProcAddress
GetModuleHandleW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLastError

user32

IsChild
GetFocus
EnableWindow

urlmon

URLDownloadToFileA

vcruntime140

__std_terminate
__CxxFrameHandler3
memset
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vfprintf
__acrt_iob_func
_set_fmode

api-ms-win-crt-heap-l1-1-0

_set_new_mode
free

api-ms-win-crt-runtime-l1-1-0

_register_thread_local_exe_atexit_callback
_seh_filter_exe
_controlfp_s
terminate
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_set_app_type
_get_wide_winmain_command_line
_c_exit
_cexit
_configure_wide_argv
_exit
exit
_initterm_e
_initterm
_initialize_wide_environment

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

020552b899821979653c0e4eb591b354

Headers

DLL Characteristics

File Characteristics

Imports

mfc140u

kernel32

user32

urlmon

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 154KB - Virtual size: 156KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 154KB - Virtual size: 156KB

.reloc
Size: 2KB - Virtual size: 1KB