016a98584dcd7d32cabb8009df6067ad

Sharing

Copy URL

Twitter E-mail

General

Target

016a98584dcd7d32cabb8009df6067ad
Size

608KB
MD5

016a98584dcd7d32cabb8009df6067ad
SHA1

2e97ea7235e1a58e3fc2ab1c78aaacee32254815
SHA256

99759c6a59da2f576f7229a501644c6361b19ecf8157570f3ed6d233caa690d2
SHA512

54c2084a473985980c942d3d4bff636549fd2a1d2c6b0779c5a2ba6bc8f4b47b7e50a676786fed670732d1b06d9c17de4ad94d60f4f6587e992a788a7da87222
SSDEEP

12288:tYVENZ/EqFBT9RhkqG7Qy2EB0NxDIBuOFe7/uTF:tYOZTXjhk1Qy2DtIoOFdTF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
016a98584dcd7d32cabb8009df6067ad

Files

016a98584dcd7d32cabb8009df6067ad
.exe windows:4 windows x86 arch:x86

c16bc7048951312a81922ce0e5fc1fea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
WaitForSingleObject
GetFileAttributesA
DeleteFileA
SetFileAttributesA
CreateDirectoryA
CreateEventA
CreateThread
GetCommandLineA
GetModuleHandleA
GetCurrentProcess
GetLastError
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GetModuleFileNameA
GetShortPathNameA
GetCurrentDirectoryA
CreateToolhelp32Snapshot
Process32First
OpenProcess
Process32Next
CloseHandle
GetTempPathA
WinExec
lstrlenA
CreateProcessA
Sleep
TerminateProcess
MultiByteToWideChar
GetVersionExA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FormatMessageA
FindClose
SetLastError
FindFirstFileA
lstrcpyA
FindNextFileA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom
GlobalAlloc
GlobalLock
DuplicateHandle
CreateFileA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
lstrcpynA
GetFullPathNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
lstrcatA
EnterCriticalSection
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetFileSize
GetFileTime
GetVersion
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GetCPInfo
GetOEMCP
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
HeapAlloc
HeapFree
GetACP
SetStdHandle
GetFileType
RaiseException
HeapReAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStartupInfoA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange

user32

ValidateRect
CallNextHookEx
GetKeyState
GetActiveWindow
TranslateMessage
SetCursor
GetNextDlgTabItem
GetParent
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
LoadBitmapA
GetMenuCheckMarkDimensions
GetClassNameA
GetWindowLongA
PtInRect
GetWindowRect
GetDlgCtrlID
GetWindow
ClientToScreen
SetWindowTextA
GetWindowTextA
EnableWindow
MessageBoxA
IsWindowEnabled
GetLastActivePopup
UnhookWindowsHookEx
GetMenuItemCount
GetDC
ReleaseDC
TabbedTextOutA
DrawTextA
GrayStringA
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
IsWindowVisible
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetCursorPos
CreateWindowExA
DestroyWindow
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
ShowWindow
LoadCursorA
GetSysColorBrush
DestroyMenu
DefWindowProcA
PeekMessageA
SetWindowsHookExA
LoadStringA
KillTimer
wsprintfA
DispatchMessageA
GetMessageA
SetTimer
FindWindowA
GetSystemMetrics
SendMessageA
CharUpperA
PostMessageA
PostQuitMessage
GetClassLongA

advapi32

RegCloseKey
RegDeleteValueA
AllocateAndInitializeSid
RegDeleteKeyA
InitializeAcl
LookupAccountNameA
AddAccessAllowedAce
SetNamedSecurityInfoA
GetUserNameA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteA
SHFileOperationA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

ord17

urlmon

URLDownloadToFileA

wininet

InternetQueryDataAvailable
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenUrlA
InternetCloseHandle
InternetOpenA
InternetQueryOptionA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
InternetGetLastResponseInfoA

netapi32

Netbios

gdi32

GetClipBox
GetObjectA
ScaleWindowExtEx
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetBkColor
GetStockObject
SelectObject
RestoreDC
CreateBitmap
SaveDC
DeleteDC
GetDeviceCaps
DeleteObject
Escape

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

comdlg32

GetFileTitleA

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c16bc7048951312a81922ce0e5fc1fea

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

version

comctl32

urlmon

wininet

netapi32

gdi32

winspool.drv

comdlg32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 28KB - Virtual size: 39KB

.rsrc Size: 136KB - Virtual size: 134KB

.tc Size: 244KB - Virtual size: 244KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 28KB - Virtual size: 39KB

.rsrc
Size: 136KB - Virtual size: 134KB

.tc
Size: 244KB - Virtual size: 244KB