16d9ce3d7918b035438737966608524d

Sharing

Copy URL Twitter E-mail

General

Target

16d9ce3d7918b035438737966608524d
Size

72KB
MD5

16d9ce3d7918b035438737966608524d
SHA1

ae80c28c3327d15065c5e309f94b7fd7eaf1bc1c
SHA256

63a89fdce146e66e433bc2f05b3a0381c0fa175d555600799ab53208618aab95
SHA512

9e12f8cd3a52bd49933a0c75bd02a41bdcd693de5ccf084aa993f5c7f2c7afeb7adefa4c8350b66a1da5b7248bbb14d485c88f0736de45814b6678b1dc724bf2
SSDEEP

1536:O27v7PQPoRstMkmyvpQzChMFnyN8/+iR:lPPbEMV+Hvi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16d9ce3d7918b035438737966608524d

Files

16d9ce3d7918b035438737966608524d
.dll windows:4 windows x86 arch:x86

29eae684e99b6b140f2e9eb4a5af5a42

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetHandleCount
CreateToolhelp32Snapshot
GlobalMemoryStatus
GetStringTypeExA
AddAtomW
FillConsoleOutputCharacterW
DeleteCriticalSection
IsBadStringPtrA
QueueUserAPC
GetStdHandle
WriteConsoleA
GlobalHandle
SetErrorMode
HeapSize
SetEvent
GetDriveTypeA
lstrcpyA
EscapeCommFunction
GetModuleHandleExW
UnlockFile
OpenMutexW
GetFullPathNameW
WaitNamedPipeW
FindResourceExW
lstrcmpiW
EnumResourceNamesW
GetFileType
GetFileSizeEx
GetSystemDefaultLangID
GetFileSize
GetCommandLineA
TryEnterCriticalSection
IsBadStringPtrW
HeapSetInformation
WriteConsoleInputA
GetComputerNameW
ClearCommError
GlobalFindAtomA
DeleteTimerQueueEx
GetFileTime
ReadFile
GetUserDefaultUILanguage
MoveFileW
HeapFree
CreateProcessA
ReleaseMutex
lstrlenA
lstrcatW
CloseHandle
CreateDirectoryA
GetSystemTimeAsFileTime
InterlockedExchange
CreateThread
VirtualQuery
CreateFileMappingA
GetComputerNameA
GetProcAddress
CreateMutexA
CopyFileA
GetLastError
GetModuleFileNameA
VirtualProtect
LoadLibraryA
UnmapViewOfFile
LeaveCriticalSection
MapViewOfFile
InitializeCriticalSection
HeapAlloc
IsBadHugeReadPtr

ole32

CoImpersonateClient
CoFileTimeNow
CoCreateFreeThreadedMarshaler
OleQueryCreateFromData
MkParseDisplayName
CreateItemMoniker
CoQueryProxyBlanket
CoAllowSetForegroundWindow
CoGetMarshalSizeMax
OleIsRunning
CoUninitialize
CoTaskMemFree
CoInitialize
CoTaskMemAlloc

user32

IsChild
SetDlgItemInt
SetDlgItemTextW
GetClassInfoW
InvalidateRgn
CheckRadioButton
GetWindowTextLengthA
UpdateLayeredWindow
SetCaretPos
FindWindowW
EnumDesktopsW
PostQuitMessage
SetScrollInfo
OpenDesktopA
LoadAcceleratorsW
GetPropW
GetMenuItemRect
DeleteMenu
GetCursor
GetUpdateRgn
OemToCharBuffA
IsWindowEnabled
SystemParametersInfoW
TranslateMDISysAccel
GetSystemMenu
MonitorFromRect
IsDialogMessageW
GetWindowLongA
CreateIcon
GetWindowLongW
DialogBoxParamA
ModifyMenuW
GetDoubleClickTime
GetUserObjectInformationW
PackDDElParam
GetWindowTextLengthW
VkKeyScanW
DrawTextA
EndDialog
SetClassLongW
GetClassLongA
SetTimer
KillTimer
DispatchMessageA
CallNextHookEx
GetMessageA
UnhookWindowsHookEx

advapi32

RegDeleteValueA
RegCloseKey
GetUserNameA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegConnectRegistryW
QueryServiceStatusEx
EnumServicesStatusW
NotifyBootConfigStatus
ControlService
EnumDependentServicesW
ReadEventLogA
RegCreateKeyExW
StartServiceW
QueryServiceConfigW

gdi32

DeleteObject
OffsetViewportOrgEx
GetWinMetaFileBits
ExtFloodFill
DeleteEnhMetaFile
GetCharWidthA
DeleteDC
PtInRegion
OffsetRgn
GetOutlineTextMetricsA
GetMetaFileBitsEx
CreateEllipticRgnIndirect
GetBkColor
GetCurrentObject
LineTo
CreateFontW
CreateMetaFileA
GetBitmapDimensionEx
StretchBlt

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

29eae684e99b6b140f2e9eb4a5af5a42

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

gdi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 996B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 996B

.reloc
Size: 4KB - Virtual size: 1KB