e16b1cfde1345ef9bcac83f9dda01e4e505bd5b764c352ab039f0ea972205abe

Sharing

Copy URL Twitter E-mail

General

Target

e16b1cfde1345ef9bcac83f9dda01e4e505bd5b764c352ab039f0ea972205abe
Size

232KB
MD5

bc5ff79902ba5aa76caae40d295a13fa
SHA1

6f025ef4ed333678aa6ef4c423dfd6f9477e1cd4
SHA256

e16b1cfde1345ef9bcac83f9dda01e4e505bd5b764c352ab039f0ea972205abe
SHA512

0c323c662731fab0443b8f7bd79ffdc9192afe0ec31ae17036340c8162ee3b4bb41e43188f953b771aec2afa7bd908e0a50d5cdb57f2130ae72f8258ad8e2b18
SSDEEP

3072:TkA65Tgr8RF5KWl3aAuYWaoz2z6wSb43rknmLr1i1JGZs49koDvjvGPhNjlP:TnoRfdaGPXGQOJVIvz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e16b1cfde1345ef9bcac83f9dda01e4e505bd5b764c352ab039f0ea972205abe

Files

e16b1cfde1345ef9bcac83f9dda01e4e505bd5b764c352ab039f0ea972205abe
.exe windows x86

960ab1f0e85593b3343507a7d93dc72b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
FlushInstructionCache
GetCurrentProcess
lstrcmpiA
CompareStringA
InterlockedIncrement
ReadFile
CreateFileA
GetTempPathA
FreeResource
WriteFile
SizeofResource
LockResource
WritePrivateProfileStringA
GetTempFileNameA
Module32Next
GetFileAttributesExA
Module32First
LoadResource
FindResourceA
GetProcAddress
LoadLibraryW
GetLastError
LocalFree
LocalAlloc
CreateFileW
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
LoadLibraryA
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
GetStringTypeA
DeleteCriticalSection
Sleep
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
LCMapStringA
WideCharToMultiByte
HeapSize
HeapReAlloc
RaiseException
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapDestroy
InitializeCriticalSection
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
TerminateProcess
CloseHandle
GetSystemDirectoryA
GetWindowsDirectoryA
DeleteFileA
MoveFileExA
EnterCriticalSection
LeaveCriticalSection
lstrlenA
HeapFree
RtlUnwind
InterlockedDecrement
GetCurrentThreadId

user32

GetActiveWindow
SetWindowPos
EndDialog
DefWindowProcA
DialogBoxParamA
GetDlgItem
SendMessageA
GetParent
CallWindowProcA
GetSysColor
GetFocus
DrawFocusRect
GetDlgCtrlID
CreateWindowExA
LoadStringA
DrawTextA
ReleaseDC
GetClassNameA
CreateCursor
GetWindowTextLengthA
GetWindowTextA
GetDC
OffsetRect
CharNextA
BeginPaint
EndPaint
GetWindowLongA
FillRect
GetWindow
GetWindowRect
SystemParametersInfoA
GetClientRect
MapWindowPoints
DestroyWindow
InvalidateRect
PtInRect
SetCursor
UpdateWindow
SetFocus
SetCapture
GetCapture
ReleaseCapture
GetCursorPos
ScreenToClient
SetWindowLongA
IsWindow
DestroyCursor
SetRectEmpty
IsWindowEnabled
EnableWindow
MessageBoxA
ShowWindow
SetWindowTextA
GetSystemMetrics
LoadImageA

gdi32

SetTextColor
DeleteDC
GetStockObject
GetObjectA
CreateFontIndirectA
SelectObject
DeleteObject
SetBkMode

advapi32

RegOpenKeyExA
RegDeleteValueA
RegEnumKeyExA
RegCloseKey
RegEnumValueA
RegQueryValueExA

shell32

ShellExecuteA

ole32

CoInitialize
CoUninitialize

comctl32

InitCommonControlsEx
_TrackMouseEvent

wsock32

WSAStartup
ioctlsocket
gethostbyaddr
WSACleanup

shlwapi

PathFileExistsA
SHGetValueA
SHSetValueA
SHDeleteKeyA

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

960ab1f0e85593b3343507a7d93dc72b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

wsock32

shlwapi

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 148KB - Virtual size: 148KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 148KB - Virtual size: 148KB