16d3c8f75d0ba82bace61afc8df9be1c60735a45a1699a5f06e6c0687b9936a7

Sharing

Copy URL

Twitter E-mail

General

Target

16d3c8f75d0ba82bace61afc8df9be1c60735a45a1699a5f06e6c0687b9936a7
Size

256KB
MD5

6e4786b175f5dca83d53b955f8a5f425
SHA1

c1acb4208dcbf189a6d6eeb078b6fb1a16140d9b
SHA256

16d3c8f75d0ba82bace61afc8df9be1c60735a45a1699a5f06e6c0687b9936a7
SHA512

8711864f2eeb049f2b8b812168a297546322c5f9b843a3418e3ae1fa6d779d39b51a2be7d2ae5f2a668e019519e8cbe5a5b2071d29b06a7457ca390df5bfb24a
SSDEEP

3072:2TE5Nr32PnYGb+1sVFc0WSY74IoVV47w8mCW7mH6Mc7wr73mlDe/XEt+lGFD:eELT2PYGb+1sVi0I74dIU/EmWlCD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16d3c8f75d0ba82bace61afc8df9be1c60735a45a1699a5f06e6c0687b9936a7

Files

16d3c8f75d0ba82bace61afc8df9be1c60735a45a1699a5f06e6c0687b9936a7
.dll windows:4 windows x86 arch:x86

287e0713c679df596550df57403b823a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFlags
InterlockedIncrement
GetVersionExA
GlobalFindAtomW
GetThreadLocale
ReadFile
FlushFileBuffers
SetEndOfFile
CreateFileW
RtlUnwind
RaiseException
HeapFree
WritePrivateProfileStringW
GetCommandLineA
GetProcessHeap
ExitProcess
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
InterlockedDecrement
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
lstrlenW
GetCurrentProcessId
GlobalAddAtomW
GlobalDeleteAtom
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
GetLocaleInfoW
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
VirtualAlloc
VirtualProtect
LoadLibraryA
CloseHandle
SetFilePointer
WriteFile
SetLastError
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
GetCurrentThreadId
InterlockedCompareExchange
VirtualFree
VirtualQuery
ResumeThread
GetLastError
GetModuleHandleW
GetCurrentThread
MultiByteToWideChar
FreeLibrary
InitializeCriticalSection
GetModuleHandleA
GetProcAddress
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
GetModuleFileNameW
HeapAlloc
LoadLibraryW

shlwapi

PathFindFileNameW
PathFindExtensionW

oleacc

LresultFromObject
CreateStdAccessibleObject

user32

UnregisterClassA
ShowWindow
RegisterWindowMessageW
LoadIconW
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
LoadCursorW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetDlgCtrlID
GetClassNameW
PtInRect
GetWindowTextW
SetWindowTextW
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DestroyMenu
DrawTextW
TabbedTextOutW
UnregisterClassW
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetSysColorBrush
GetMenu
PostQuitMessage
PostMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SendMessageW
GetParent
GetFocus
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetWindowRect

gdi32

DeleteDC
GetStockObject
ExtTextOutW
ScaleWindowExtEx
SetWindowExtEx
GetDeviceCaps
SaveDC
RestoreDC
SetBkColor
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateBitmap
TextOutW
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
SetTextColor
Escape

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

HJmRnh
NqKT

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

287e0713c679df596550df57403b823a

Headers

File Characteristics

Imports

kernel32

shlwapi

oleacc

user32

gdi32

winspool.drv

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 161KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 12KB - Virtual size: 26KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 24KB - Virtual size: 20KB

.text
Size: 164KB - Virtual size: 161KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 24KB - Virtual size: 20KB