016f72574d7fe90f8251e67fff29d596

Sharing

Copy URL Twitter E-mail

General

Target

016f72574d7fe90f8251e67fff29d596
Size

230KB
MD5

016f72574d7fe90f8251e67fff29d596
SHA1

189efbf503519f67727572a44d7be1f58019a8bf
SHA256

3d041f03d521428cbd93040bec213d274a95c37ea1b2a5e20e26fbc4bb466df5
SHA512

fcf1f503585b6d40a9e683b83d98af8b13b31e22741e296586d474ff47232c3cd3dd24355b649a401c1dce182e3e79e0f3739cc31fd674f0076fe3b7f849d57f
SSDEEP

6144:oNJspSAnbPRB5xk35aQf707Cx93cH8lzqJi8jofEM:03AbpB5xk35jI7Cfys8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
016f72574d7fe90f8251e67fff29d596

Files

016f72574d7fe90f8251e67fff29d596
.exe windows:5 windows x86 arch:x86

1e34bdf4dc24134b2acb7ac23cb9113e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
setvbuf
perror
wcstoul
strpbrk
putchar
__set_app_type
strtok
printf
__p__fmode
clock
system
__p__commode
_amsg_exit
vsprintf
gets
wcscoll
towupper
fputs
putc
rand
wcstol
toupper
_initterm
_ismbblead
_XcptFilter
swscanf
strtol
_exit
_cexit
vswprintf
free
__setusermatherr
isalnum
__getmainargs
getc

user32

ReplyMessage
AppendMenuA
IntersectRect
GetClassLongW
SystemParametersInfoW
GetForegroundWindow
GetDlgCtrlID
LockWindowUpdate
EnableMenuItem
DefFrameProcW
EndPaint
TrackPopupMenuEx
InflateRect
CreateIconFromResource
DrawTextA
GetClassLongA
RegisterClassExW
MapDialogRect
GetWindowTextW
MonitorFromPoint
CreateAcceleratorTableW
LookupIconIdFromDirectory
InvertRect
SendDlgItemMessageA
CharUpperA
GetClassNameW
LoadBitmapA
ChildWindowFromPoint
ScrollWindowEx
SetActiveWindow
IsCharAlphaA
DrawMenuBar
wsprintfW
GetActiveWindow
ToUnicodeEx
GetTopWindow
MessageBoxA
GetDlgItem
GetKeyboardLayout
CharToOemA
DrawAnimatedRects
DialogBoxParamW
GetDlgItemTextW
DestroyMenu
LoadIconW
FindWindowW
GetSysColor
GetClassInfoExW
LoadMenuW
EqualRect
GetWindowPlacement
RegisterHotKey
OpenInputDesktop
SendInput
IsWindow
IsDialogMessageW
RedrawWindow
GetSubMenu
SetWindowTextA
SetCursor
CreateDialogParamW
CharNextExA
CharPrevW
CharUpperW
AppendMenuW
GetWindowLongW
DrawIcon
EndDialog
GetSystemMetrics
LoadMenuA
GetDC
CheckDlgButton
GetPropW
CheckMenuItem
DrawTextExW
wvsprintfW
InsertMenuItemW
UnloadKeyboardLayout
VkKeyScanW
SetMenuItemBitmaps
CharNextA
WindowFromPoint
BeginDeferWindowPos
GetWindowTextA

comctl32

InitCommonControlsEx
ImageList_Draw
ImageList_Write
ImageList_Remove
CreateStatusWindowW
ImageList_Create

shlwapi

UrlIsOpaqueW
UrlGetLocationA

kernel32

FindNextChangeNotification
CopyFileW
GetCommandLineW
GetCommTimeouts
GetCommConfig
VirtualFree
SetSystemTime
GetThreadPriority
HeapReAlloc
CreateEventW
RemoveDirectoryW
GetLocaleInfoW
VerifyVersionInfoW
DeviceIoControl
LoadLibraryExW
lstrcmpiW
CompareFileTime
SetThreadAffinityMask
EnumSystemLocalesA
GetProcAddress
GetLocalTime
DeleteFileW
lstrcpyW
HeapLock
lstrcmpiA
SetCommState
HeapValidate
FileTimeToDosDateTime
FindCloseChangeNotification
GlobalSize
SetCommTimeouts
GetSystemDirectoryA
SetCurrentDirectoryW
GetModuleFileNameA
FileTimeToLocalFileTime
LockResource
FindResourceExW
OpenEventW
CompareStringA
DisconnectNamedPipe

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdbg
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.run
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ram
Size: - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e34bdf4dc24134b2acb7ac23cb9113e

Headers

File Characteristics

Imports

msvcrt

user32

comctl32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.rdbg Size: 512B - Virtual size: 100B

.iplan Size: 4KB - Virtual size: 4KB

.eplan Size: 512B - Virtual size: 91B

.run Size: 1024B - Virtual size: 596B

.0dat Size: 194KB - Virtual size: 194KB

.data Size: 3KB - Virtual size: 2KB

.ram Size: - Virtual size: 163KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 23KB

.rdbg
Size: 512B - Virtual size: 100B

.iplan
Size: 4KB - Virtual size: 4KB

.eplan
Size: 512B - Virtual size: 91B

.run
Size: 1024B - Virtual size: 596B

.0dat
Size: 194KB - Virtual size: 194KB

.data
Size: 3KB - Virtual size: 2KB

.ram
Size: - Virtual size: 163KB

.rsrc
Size: 2KB - Virtual size: 1KB