16faa81c954dbf8c267efed4a155675f7701178b630c6119103d93898519c633

Sharing

Copy URL

Twitter E-mail

General

Target

16faa81c954dbf8c267efed4a155675f7701178b630c6119103d93898519c633
Size

4.6MB
MD5

adf4b405bde0cb85448267b2bc4482ad
SHA1

35621dcc68e24f2fbe7f24df702ba4cc7debc4ba
SHA256

16faa81c954dbf8c267efed4a155675f7701178b630c6119103d93898519c633
SHA512

c2cd2d23bf041b53fb74a339f7e32afd9e240063eb1510ca1861e4361a6f27ec715ab517fae62a25cb1b114babef592ef0b62e0586e0a08571c875fee73b54bf
SSDEEP

98304:FnlPITLd15vXLvkrVWnL2U9FXTx9C2DhW:FnlP0LdmVWnbbhl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16faa81c954dbf8c267efed4a155675f7701178b630c6119103d93898519c633

Files

16faa81c954dbf8c267efed4a155675f7701178b630c6119103d93898519c633
.exe windows:5 windows x86

3b139bf7957f6c3af62315faa273c582

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetModuleFileNameA
GetModuleHandleExW
HeapValidate
GetSystemInfo
SetStdHandle
GetFileType
CreateThread
ExitThread
FreeLibraryAndExitThread
GetCommandLineA
GetCommandLineW
HeapQueryInformation
QueryPerformanceFrequency
VirtualAlloc
GetStdHandle
WriteConsoleW
ExitProcess
GetACP
LCMapStringW
IsValidLocale
EnumSystemLocalesW
GetTimeZoneInformation
GetStringTypeW
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetDriveTypeW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
VirtualQuery
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
GetUserDefaultLCID
Sleep
SearchPathW
GetWindowsDirectoryW
GetTempPathW
GetTempFileNameW
FindResourceExW
VerifyVersionInfoW
lstrcpyW
VerSetConditionMask
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
VirtualProtect
GetProfileIntW
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetErrorMode
GlobalFlags
GetTickCount
GetCurrentProcessId
GetPrivateProfileIntW
OutputDebugStringW
GetCurrentThread
WaitForSingleObject
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindNextFileW
FileTimeToLocalFileTime
GetThreadLocale
GetCurrentProcess
GetHandleInformation
DuplicateHandle
UnlockFile
SetFilePointer
SetEndOfFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
lstrcmpA
GetAtomNameW
GlobalGetAtomNameW
ResumeThread
SuspendThread
SetThreadPriority
CopyFileW
GlobalFree
GlobalSize
GlobalAlloc
LoadLibraryW
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetModuleHandleA
OutputDebugStringA
MulDiv
GlobalUnlock
GlobalLock
WideCharToMultiByte
InterlockedDecrement
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
ReadFile
GetOverlappedResult
WriteFile
LocalFree
FormatMessageW
GetVersion
GetCommMask
WaitForMultipleObjects
ClearCommError
WaitCommEvent
LeaveCriticalSection
PurgeComm
SetCommState
BuildCommDCBW
GetCommState
SetCommMask
SetCommTimeouts
CreateFileA
EnterCriticalSection
InitializeCriticalSection
CreateEventW
ResetEvent
CloseHandle
SetEvent
WritePrivateProfileStringW
DeleteFileW
GetPrivateProfileStringW
GetCurrentDirectoryW
GetModuleFileNameW
lstrcmpiW
lstrlenW
FreeResource
FindResourceW
LoadResource
LockResource
SizeofResource
GetCPInfo
GetLastError
SetLastError
MultiByteToWideChar
GetVersionExW

user32

DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
DispatchMessageW
RegisterWindowMessageW
GetMenuCheckMarkDimensions
NotifyWinEvent
LoadIconW
LoadCursorW
GetWindow
GetLastActivePopup
GetTopWindow
SetParent
GetParent
GetDesktopWindow
GetWindowLongW
WindowFromPoint
MapWindowPoints
HideCaret
SetWindowContextHelpId
GetWindowRect
GetClientRect
EnableScrollBar
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
LockWindowUpdate
RedrawWindow
InvalidateRgn
ValidateRect
InvalidateRect
GetWindowRgn
SetWindowRgn
GetUpdateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
GetSystemMenu
DrawMenuBar
EnableWindow
KillTimer
SetTimer
SetCapture
GetCapture
GetFocus
GetActiveWindow
OpenClipboard
GetNextDlgTabItem
GetNextDlgGroupItem
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
ShowOwnedPopups
IsChild
PostThreadMessageW
IntersectRect
MapDialogRect
DestroyMenu
MapVirtualKeyW
GetKeyNameTextW
LoadBitmapW
InvertRect
FrameRect
DrawFocusRect
EndDeferWindowPos
GetDlgItem
GetDlgCtrlID
SetFocus
PostQuitMessage
PeekMessageW
CopyRect
TabbedTextOutW
DrawStateW
GrayStringW
DrawTextExW
DrawIcon
SetMenuDefaultItem
GetMenuDefaultItem
SetMenuItemInfoW
InsertMenuItemW
SetMenuItemBitmaps
GetKeyState
GetMenu
SetMenu
TrackPopupMenu
ScrollWindow
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetWindowTextLengthW
AdjustWindowRectEx
MessageBoxW
EqualRect
GetClassLongW
DeleteMenu
RemoveMenu
ModifyMenuW
AppendMenuW
GetClassNameW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
SetScrollInfo
GetScrollInfo
WinHelpW
MonitorFromWindow
GetMonitorInfoW
GetSysColor
SetRect
GetMenuItemInfoW
SystemParametersInfoW
DrawIconEx
DestroyIcon
GetSystemMetrics
FillRect
GetSysColorBrush
DestroyCursor
IsMenu
SetCursor
SendMessageW
PostMessageW
InflateRect
OffsetRect
GetDC
ReleaseDC
GetIconInfo
CreateIconIndirect
LoadImageW
DrawTextW
UnregisterClassW
GetCursorPos
PtInRect
IsWindow
SetRectEmpty
SetWindowLongW
GetWindowDC
BeginPaint
EndPaint
ClientToScreen
ScreenToClient
DrawEdge
DrawFrameControl
LoadMenuW
GetMenuStringW
GetMenuState
CreateMenu
CreatePopupMenu
CheckMenuItem
EnableMenuItem
GetSubMenu
GetMenuItemID
GetMenuItemCount
InsertMenuW
GetComboBoxInfo
SubtractRect
IsClipboardFormatAvailable
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
CopyIcon
CharUpperBuffW
EmptyClipboard
SetClipboardData
CloseClipboard
SetClassLongW
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
CopyAcceleratorTableW
CharNextW
WaitMessage
MonitorFromPoint
UnionRect
UpdateLayeredWindow
MessageBeep
TrackMouseEvent
EnumDisplayMonitors
SetLayeredWindowAttributes
IsRectEmpty
GetClipboardFormatNameW
GetClipboardFormatNameA
CopyImage
GetAsyncKeyState
ReuseDDElParam
UnpackDDElParam
TranslateAcceleratorW
LoadAcceleratorsW
ReleaseCapture
ShowWindow
MoveWindow
CheckDlgButton
IsWindowEnabled
SetWindowTextW
IsDialogMessageW
CharUpperW
CreateDialogIndirectParamW
EndDialog
SendDlgItemMessageA
GetMessageW
TranslateMessage
GetWindowThreadProcessId
RegisterClipboardFormatW
RealChildWindowFromPoint

gdi32

CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
ExcludeClipRect
GetClipBox
GetDeviceCaps
IntersectClipRect
LineTo
RestoreDC
SaveDC
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
CreateDCW
CreateEllipticRgn
CreateFontIndirectW
CreatePalette
CreateRectRgnIndirect
CreateRoundRectRgn
Ellipse
Escape
ExtFloodFill
FillRgn
FrameRgn
GetBkColor
GetBkMode
GetBoundsRect
GetMapMode
GetObjectW
StretchDIBits
GetPaletteEntries
GetRgnBox
GetTextColor
GetViewportExtEx
GetViewportOrgEx
GetWindowExtEx
GetWindowOrgEx
OffsetRgn
PatBlt
PtInRegion
PtVisible
RectVisible
Rectangle
RealizePalette
RoundRect
SetPaletteEntries
SetPixelV
StretchBlt
SetRectRgn
GetTextMetricsW
TextOutW
ExtTextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
GetTextFaceW
CopyMetaFileW
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
EnumFontFamiliesExW
SetDIBColorTable
GetSystemPaletteEntries
SetPixel
GetPixel
CreateCompatibleBitmap
GetObjectType
GetCharWidthW
CreateFontW
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
DeleteDC
SelectClipRgn
DeleteObject
CreateSolidBrush
BitBlt
GetTextExtentPoint32W
CreateCompatibleDC
CreateDIBSection
GetNearestPaletteIndex
SelectObject

msimg32

TransparentBlt
AlphaBlend

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegEnumKeyW
RegEnumValueW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegQueryInfoKeyW

shell32

ShellExecuteExW
ShellExecuteW
SHBrowseForFolderW
SHGetPathFromIDListW
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragFinish
DragQueryFileW
SHGetFileInfoW

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFileExistsW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
StrFormatKBSizeW

uxtheme

GetThemePartSize
IsAppThemed
DrawThemeParentBackground
DrawThemeText
GetThemeColor
GetCurrentThemeName
GetThemeSysColor
GetWindowTheme
IsThemeBackgroundPartiallyTransparent
DrawThemeBackground
CloseThemeData
OpenThemeData

ole32

IsAccelerator
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
OleLockRunning
OleGetClipboard
CreateStreamOnHGlobal
DoDragDrop
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
StringFromGUID2
CoInitializeEx
CoDisconnectObject
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoUninitialize
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
OleRun
CoCreateInstance
CoInitialize
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop

oleaut32

OleCreateFontIndirect
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysStringLen
VariantChangeType
SysAllocStringLen
SysAllocString
SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantClear
VariantInit
GetErrorInfo

oledlg

OleUIBusyW

gdiplus

GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipCreateBitmapFromStreamICM
GdiplusShutdown
GdipAlloc
GdipFree
GdiplusStartup
GdipCloneImage
GdipDisposeImage
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePalette
GdipGetImagePaletteSize
GdipCreateBitmapFromStream

winmm

PlaySoundW

libhpdf

HPDF_Page_MoveTo
HPDF_New
HPDF_SetCompressionMode
HPDF_UseCNSFonts
HPDF_Page_BeginText
HPDF_Page_MoveTextPos
HPDF_Page_ShowText
HPDF_Free
HPDF_SaveToFile
HPDF_Page_Stroke
HPDF_Page_LineTo
HPDF_Page_EndText
HPDF_Page_GetWidth
HPDF_Page_GetHeight
HPDF_Page_TextOut
HPDF_Page_TextWidth
HPDF_Page_SetFontAndSize
HPDF_AddPage
HPDF_GetFont
HPDF_UseCNSEncodings

oleacc

LresultFromObject
AccessibleObjectFromWindow
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 604KB - Virtual size: 603KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b139bf7957f6c3af62315faa273c582

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

winmm

libhpdf

oleacc

imm32

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.rdata Size: 604KB - Virtual size: 603KB

.data Size: 23KB - Virtual size: 59KB

.gfids Size: 111KB - Virtual size: 111KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 215KB - Virtual size: 215KB

.reloc Size: 188KB - Virtual size: 187KB

.text
Size: 3.5MB - Virtual size: 3.5MB

.rdata
Size: 604KB - Virtual size: 603KB

.data
Size: 23KB - Virtual size: 59KB

.gfids
Size: 111KB - Virtual size: 111KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 215KB - Virtual size: 215KB

.reloc
Size: 188KB - Virtual size: 187KB