16b20ba0118802645e0b580e24352cc1

Sharing

Copy URL Twitter E-mail

General

Target

16b20ba0118802645e0b580e24352cc1
Size

644KB
MD5

16b20ba0118802645e0b580e24352cc1
SHA1

35debc1cd6521ef0c2daf86a31b6d9205b5d082f
SHA256

56fa839966bd9595336279e977c1a637ad1d773768a8254ac4d9f33efe144e0f
SHA512

617e523e8fcb7cdfe9e1030b2cd75b59b6b797eed94ae9b02b4babdd5148a3eb0922c1258b0e9b4dcaf875974eda7ac61c343a4e5ca548b917fa530d4cb6f262
SSDEEP

12288:qg588kooZGwb/iqUahKPC97+VpkI0otKOyUTKzN3pk0cvymW:qg53kooJmWKK5mpuoRyU+dpk1vymW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16b20ba0118802645e0b580e24352cc1

Files

16b20ba0118802645e0b580e24352cc1
.exe windows:5 windows x86 arch:x86

64b64692d8b817c5dd3f733e09a725a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
VirtualAlloc
VirtualFree
HeapCreate
CreateProcessA
SizeofResource
InterlockedExchange
GetVersion
GetModuleHandleW
GetACP
CloseHandle
ReadFile
SetFilePointer
TlsFree
MapViewOfFile
RaiseException
GetCurrentThread
InterlockedCompareExchange
GetCommandLineA
HeapSize
WideCharToMultiByte
GetCommandLineW
LockResource
GetCurrentProcessId
GetEnvironmentStrings
lstrlenW
GetEnvironmentStringsW
GetThreadLocale
LCMapStringA
GetConsoleCP
GlobalFree
lstrlenA
GetSystemInfo
UnmapViewOfFile
LCMapStringW
GetLastError
InterlockedIncrement
HeapAlloc
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateFileW
Sleep
GetTimeZoneInformation
GetProcAddress
FindFirstFileW
CreateFileMappingA
lstrcmpA
GetProcessHeap
WaitForMultipleObjects
DeleteFileW
DeleteFileA
GetFileSize
GetStartupInfoA
LoadLibraryA
GetVersionExA
GetTickCount
QueryPerformanceCounter
FreeLibrary
lstrcmpiA
SetHandleCount
EnterCriticalSection
HeapFree
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
GlobalAlloc
SetUnhandledExceptionFilter
TerminateProcess
SetEnvironmentVariableA
MulDiv
CreateThread
GetModuleHandleA
CreateMutexA
GetLocalTime
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
GetModuleFileNameA
FlushFileBuffers
ExitProcess
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
GetEnvironmentVariableA
FormatMessageW
LocalFree
SetEvent
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
GetStringTypeA
LoadLibraryW
GetCPInfo
SetStdHandle
FreeEnvironmentStringsW
ExpandEnvironmentStringsA
LocalAlloc
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapDestroy
WaitForSingleObject
GetFileAttributesA
GetStdHandle
TlsAlloc
RtlUnwind
LeaveCriticalSection
InterlockedDecrement

user32

SetCursor
GetFocus
GetClientRect
InvalidateRect
IsWindowVisible
SystemParametersInfoA
GetSysColor
MessageBoxA
GetDesktopWindow
TrackPopupMenu
LoadIconA
LoadCursorA
ClientToScreen
GetDlgItem
SetTimer
GetWindowLongA
SetWindowTextA
SetWindowLongA
PostMessageA
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
CreateWindowExA
GetSubMenu
SetForegroundWindow
TranslateMessage
ShowWindow
GetParent
DestroyWindow
SendMessageA
GetCursorPos
GetDC
EndPaint
IsWindow
SetWindowPos
ReleaseDC
PostQuitMessage

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 602KB - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64b64692d8b817c5dd3f733e09a725a9

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 602KB - Virtual size: 602KB

.data Size: 15KB - Virtual size: 18KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 602KB - Virtual size: 602KB

.data
Size: 15KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 4KB