16afc75bf94b9c7f19c91c7508e62d7f

Sharing

Copy URL Twitter E-mail

General

Target

16afc75bf94b9c7f19c91c7508e62d7f
Size

264KB
MD5

16afc75bf94b9c7f19c91c7508e62d7f
SHA1

f651895989b861574cd785fb980f200b41909be0
SHA256

3c27cd53c23339e96c0ad247683297d4dafb169f5da8dc36a90f8aa20285aba3
SHA512

b21a83663c8b0b44b5c73989db6459145ae59692b3ac5b975c296bc3dfa84900493f30e0664126577ef7a29bbbefc5f003071250a70d33254e8f1f1d5f9494ab
SSDEEP

3072:cC27Ffzl3PQN6Tz0XJsDa5L4VVEhBJYihyLto2OweuPxeBCEX9N8ofQbtIHGoyd:cC27BR3PQ+0XJs8SVWBfwnxex8tIHGt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16afc75bf94b9c7f19c91c7508e62d7f

Files

16afc75bf94b9c7f19c91c7508e62d7f
.exe windows:4 windows x86 arch:x86

2744eb8fa9f9469b0cdccece4c5dc32b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
ExitProcess
HeapFree
TerminateProcess
GetStartupInfoA
GetCommandLineA
RaiseException
HeapAlloc
GetTickCount
GetACP
GetTimeZoneInformation
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetLocalTime
HeapCreate
WritePrivateProfileStringA
SetErrorMode
GetSystemTime
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FindFirstFileA
HeapDestroy
FindClose
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
SizeofResource
GetProcessVersion
GetOEMCP
GetCPInfo
LocalReAlloc
GlobalFlags
TlsGetValue
GlobalReAlloc
TlsSetValue
EnterCriticalSection
GlobalHandle
LeaveCriticalSection
TlsFree
InitializeCriticalSection
DeleteCriticalSection
TlsAlloc
SetFileTime
LocalAlloc
SetFileAttributesA
GetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileSize
GetFileAttributesA
GetFullPathNameA
GetThreadLocale
VirtualFree
VirtualAlloc
lstrcpynA
GlobalDeleteAtom
GetModuleHandleA
GetVersionExA
GetProcAddress
GetCurrentProcessId
OpenMutexA
CreateMutexA
GetModuleFileNameA
CloseHandle
lstrcatA
lstrlenA
WinExec
lstrcpyA
GetWindowsDirectoryA
LoadLibraryA
GetVolumeInformationA
SetHandleCount
DeleteFileA
GetProfileStringA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetLastError
GlobalAlloc
GetCurrentThread
lstrcmpA
FileTimeToLocalFileTime
FileTimeToSystemTime
FormatMessageA
LocalFree
MulDiv
SetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalLock
GlobalUnlock
GlobalFree
FindResourceA
LoadResource
LockResource
GetVersion
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GetStdHandle
SetUnhandledExceptionFilter
IsBadWritePtr
UnhandledExceptionFilter
FreeLibrary

user32

GetSysColorBrush
GetDesktopWindow
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
RegisterClipboardFormatA
PostThreadMessageA
GetMessageA
TranslateMessage
ValidateRect
GetCursorPos
WindowFromPoint
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
LoadStringA
wvsprintfA
EndDialog
GetActiveWindow
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
KillTimer
GetClassNameA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
SetActiveWindow
SetFocus
AdjustWindowRectEx
ScreenToClient
CopyRect
IsWindowVisible
SetWindowContextHelpId
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetWindowLongA
SetWindowPos
RegisterWindowMessageA
OffsetRect
IntersectRect
DestroyMenu
MapDialogRect
WaitMessage
CharUpperA
SystemParametersInfoA
GetWindowPlacement
FindWindowA
GetWindow
GetFocus
PostMessageA
IsIconic
GetSystemMetrics
DrawIcon
SetTimer
GetSystemMenu
AppendMenuA
LoadIconA
LoadCursorA
CopyIcon
GetWindowRect
GetParent
GetDC
ReleaseDC
InflateRect
InvalidateRect
IsWindow
SetWindowLongA
SetCursor
GetClientRect
PtInRect
ReleaseCapture
RedrawWindow
SetCapture
MessageBeep
SendMessageA
GetSysColor
PostQuitMessage
BringWindowToTop
EnableWindow
CreateDialogIndirectParamA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
IsWindowUnicode

gdi32

DeleteObject
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextColor
GetBkColor
DPtoLP
LPtoDP
GetMapMode
PatBlt
CreateDIBitmap
CreateCompatibleDC
BitBlt
GetTextExtentPointA
IntersectClipRect
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
SetViewportOrgEx
SetMapMode
OffsetViewportOrgEx
SelectObject
SetBkMode
SaveDC
RestoreDC
CreateBitmap
SetBkColor
DeleteDC
GetClipBox
SetTextColor
GetObjectA
CreateFontIndirectA
GetTextExtentPoint32A
GetStockObject

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegQueryValueA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

shell32

ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
CoRegisterMessageFilter
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard

olepro32

ord253

oleaut32

SysStringLen
SysFreeString
SysAllocStringByteLen
SysAllocString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
VariantClear
SysAllocStringLen

wsock32

WSAStartup
WSAGetLastError
WSASetLastError
htonl
connect
sendto
recvfrom
socket
inet_ntoa
WSAAsyncSelect
send
recv
closesocket
gethostbyname
htons
bind
ioctlsocket
accept
WSACleanup
gethostname

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2744eb8fa9f9469b0cdccece4c5dc32b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

wsock32

Sections

.text Size: 180KB - Virtual size: 178KB

.rdata Size: 44KB - Virtual size: 42KB

.data Size: 12KB - Virtual size: 28KB

.rsrc Size: 24KB - Virtual size: 21KB

.text
Size: 180KB - Virtual size: 178KB

.rdata
Size: 44KB - Virtual size: 42KB

.data
Size: 12KB - Virtual size: 28KB

.rsrc
Size: 24KB - Virtual size: 21KB