16c06281aed25f3dd1d2a1383e1a0a9c

Sharing

Copy URL Twitter E-mail

General

Target

16c06281aed25f3dd1d2a1383e1a0a9c
Size

23KB
MD5

16c06281aed25f3dd1d2a1383e1a0a9c
SHA1

0e43005e32c8202663d07963907d8f044e62f9a8
SHA256

4579d5141f6134c3a2021145c0b232a8f02edf908163f39f6229b86c40291b0c
SHA512

992cbc85f2123c1144e16f899952ccde0984629c66ad0fceeb7e8ce9ae9c333ccb501ea8c917face55686648b1e4708b8bda94c66b3666677bebcdc0d4de6903
SSDEEP

384:nJKe96TXSM+Kq1IKE8DybJ4S3kZjO0TfQ+IIfmRrg21lQG+ulPAKNC7mZJOnt0cd:V9675+Kq6KFEx3qyD6ORtT+OP7C7mZo/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16c06281aed25f3dd1d2a1383e1a0a9c

Files

16c06281aed25f3dd1d2a1383e1a0a9c
.exe windows:4 windows x86 arch:x86

7a0b59abac14d993ab402d8515019d3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
CreateProcessA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsA
GetCommandLineA
GetEnvironmentStringsA
GetFileSize
GetFileType
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemInfo
GetVersionExA
GlobalAlloc
GlobalFree
MultiByteToWideChar
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject
WideCharToMultiByte
WriteFile
GetModuleFileNameA
GetSystemDirectoryA
RtlMoveMemory
GetCurrentProcessId
RegisterServiceProcess

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

gdi32

MoveToEx

ole32

CoInitialize
CoUninitialize

oleaut32

SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

urlmon

URLDownloadToFileA

user32

CreateDialogIndirectParamA
CreateDialogParamA
CreateWindowExA
DialogBoxIndirectParamA
DialogBoxParamA
GetWindow

Exports

Exports

GETSYSTEMDIR
ISWIN95

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rebld_i
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7a0b59abac14d993ab402d8515019d3f

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

ole32

oleaut32

urlmon

user32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 1KB

.link Size: 2KB - Virtual size: 1KB

.rloc Size: 1024B - Virtual size: 552B

.rebld_i Size: 1KB - Virtual size: 1KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 1KB

.link
Size: 2KB - Virtual size: 1KB

.rloc
Size: 1024B - Virtual size: 552B

.rebld_i
Size: 1KB - Virtual size: 1KB