16a8e9fcd75e71d1e4a2a31b3b760307[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

16a8e9fcd75e71d1e4a2a31b3b760307.exe
Size

236KB
MD5

16a8e9fcd75e71d1e4a2a31b3b760307
SHA1

646cd827157850c90e3d9a8f9c8ebfea1f6fc52d
SHA256

c02a66141b8e301e75fe2bc47c1b0f564fe123fdecb85caedb142779a9f4f70c
SHA512

b680c933662af51746754e569ce4a652c0719d59d63749a490e97f004fd6675bc8a0610fad5e5d7bec5523001fcf833ae550367cb10d3f0885406d8431e0ff3f
SSDEEP

3072:sD2auT5V4ZA94Nid84L0BPpR1qQLCyzMkDMsj+hXFyfRvDIMw5t7Q7+fVpOi6r:sD2BdpLMpRBrVDMs6zyJBwz7QmV8dr

Score

N/A

Malware Config

Signatures

Files

16a8e9fcd75e71d1e4a2a31b3b760307.exe
.exe windows x86

fa8640a79704fef7deaa607934e0abc9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
GetFileType
SetFileValidData
GetCurrentThread
IsWow64Process
GetFileSizeEx
ClearCommError
GetVersion
FreeConsole
FlushInstructionCache
GetSystemInfo
GetMailslotInfo
GetProcessHeap
AssignProcessToJobObject
AddAtomW
LCMapStringW
WideCharToMultiByte
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
HeapSize
HeapReAlloc
VirtualAlloc
IsValidCodePage
GetOEMCP
SetFilePointer
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
DeleteCriticalSection
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameW
GetModuleFileNameA
WriteFile
ExitProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree
InterlockedDecrement
GetLastError
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleW
GetStartupInfoW
RaiseException
RtlUnwind
SetFilePointerEx
InitializeCriticalSection
GetThreadPriority
LocalShrink
GetStdHandle
GlobalUnlock
GetFileInformationByHandle
EncodePointer
GetThreadContext
LocalUnlock
SetEndOfFile
GetProcessHandleCount
DeleteAtom
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
GetACP
Sleep

user32

GetWindowLongA
wvsprintfA
SetWindowPos
FindWindowA
RedrawWindow
GetWindowTextA
EnableWindow
GetSystemMetrics
CheckRadioButton
UnregisterClassA
SetCursor
GetSysColorBrush
DialogBoxParamA
DestroyAcceleratorTable
DispatchMessageA
GetDlgItem
SendDlgItemMessageA
AppendMenuA
CreatePopupMenu
DestroyMenu
ClientToScreen
TrackPopupMenu
GetCursorPos
SendMessageA
GetDlgItemTextA
wsprintfA
MessageBoxA
TranslateMessage
LoadIconA
EmptyClipboard
SetClipboardData
SetFocus
CharUpperA
OpenClipboard
IsDialogMessageA
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
RemoveMenu
InvalidateRect
ChildWindowFromPoint
PostMessageA
DestroyCursor
CreateDialogParamA
GetWindowRect
IsMenu
GetSubMenu
SetDlgItemInt
GetWindowPlacement
CharLowerBuffA
EnableMenuItem
CheckMenuRadioItem
GetSysColor
KillTimer
DestroyIcon
DestroyWindow
PostQuitMessage
GetClientRect
MoveWindow
GetSystemMenu
SetTimer
SetWindowPlacement
InsertMenuItemA
GetMenu
CheckMenuItem
SetMenuItemInfoA
SetActiveWindow
DefDlgProcA
RegisterClassA
EndDialog
SetDlgItemTextA
EnumClipboardFormats
GetClipboardData
CloseClipboard
GetClassInfoA
CallWindowProcA
SetWindowLongA
IsDlgButtonChecked
SetWindowTextA
CheckDlgButton
GetActiveWindow
LoadCursorA
IsWindow

comdlg32

CommDlgExtendedError
PrintDlgW
GetSaveFileNameW
ChooseFontW
GetFileTitleW
ChooseColorW

advapi32

OpenProcessToken
RegCreateKeyA
RegSetValueA
GetUserNameA
RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegQueryValueExA
LookupPrivilegeValueA
AdjustTokenPrivileges

ole32

MkParseDisplayName
CoCopyProxy
CoInvalidateRemoteMachineBindings
CoRevertToSelf
CoMarshalInterface
CLSIDFromProgIDEx
IsAccelerator
MonikerCommonPrefixWith
CoImpersonateClient

version

GetFileVersionInfoW

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fa8640a79704fef7deaa607934e0abc9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

version

Sections

.text Size: 76KB - Virtual size: 76KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 140KB - Virtual size: 144KB

.text
Size: 76KB - Virtual size: 76KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 140KB - Virtual size: 144KB