16c8b9ddd84460d66e234f0a1f01c52e

Sharing

Copy URL Twitter E-mail

General

Target

16c8b9ddd84460d66e234f0a1f01c52e
Size

419KB
MD5

16c8b9ddd84460d66e234f0a1f01c52e
SHA1

f6c63f1c7ddb88ff5ee49c3f355248c84609cdea
SHA256

6ed4f8a394c508c20d58c92d07200cbd383b5e544ef870e29e358554613890eb
SHA512

494d04fea98203466b2eb108e62e2f6794e8c762b7497034fd6961384095fcb56799223a3314ca9cf06575fd6269fc9e8a7b900611f74ab7cd4c27797ed6e9ab
SSDEEP

12288:YHUKEhIHcGFS71wm5QH7HEh1qhzt5/BcAiJstIlPz1m:VwmCHjUixBiytKz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16c8b9ddd84460d66e234f0a1f01c52e

Files

16c8b9ddd84460d66e234f0a1f01c52e
.exe windows:4 windows x86 arch:x86

85314473e363bcedbc1edb36e18abf58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetStringTypeA
WriteFile
IsValidLocale
GetProcAddress
GetTimeZoneInformation
HeapReAlloc
LCMapStringW
EnumResourceTypesA
GetFileType
GetCurrentProcessId
MultiByteToWideChar
lstrcpy
FreeLibrary
SetConsoleCtrlHandler
Sleep
GetUserDefaultLCID
CreateMutexA
SetEnvironmentVariableA
TlsAlloc
GetCommandLineA
SetLastError
GetProcAddress
GetProcessHeap
HeapCreate
CreateEventA
GetEnvironmentStrings
GetShortPathNameA
WideCharToMultiByte
ExitProcess
GetTickCount
CreateMailslotA
LeaveCriticalSection
HeapFree
EnterCriticalSection
GetModuleFileNameA
GetLocaleInfoW
LoadLibraryA
QueryPerformanceCounter
DeleteCriticalSection
VirtualAlloc
LocalUnlock
WriteConsoleInputW
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
TlsSetValue
EnumSystemLocalesA
GetACP
GetCurrentThread
InterlockedIncrement
SetHandleCount
GetStringTypeW
CompareStringA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
FileTimeToDosDateTime
GetOEMCP
FreeEnvironmentStringsW
GetCPInfo
VirtualAllocEx
IsValidCodePage
HeapDestroy
TlsGetValue
MoveFileExA
GetCommandLineW
IsDebuggerPresent
UnhandledExceptionFilter
GetStdHandle
LCMapStringA
GetDateFormatA
GetTempPathW
InterlockedExchange
GetLastError
TlsFree
CompareStringW
HeapSize
GetLogicalDriveStringsA
GlobalFix
GetVersionExA
GetStartupInfoW
HeapAlloc
InterlockedDecrement
OpenMutexA
lstrcmp
GetStartupInfoA
VirtualQuery
GetModuleHandleA
InitializeCriticalSection
GetEnvironmentStringsW
GetModuleFileNameW
RtlUnwind
SetConsoleTitleA
VirtualFree
SetConsoleCP
GetTimeFormatA

shell32

SHLoadInProc
InternalExtractIconListW
SHGetDataFromIDListW
SheChangeDirA
SheChangeDirExW
SHFileOperationA
ShellExecuteW
ExtractIconExW
ShellHookProc
ExtractIconExA
SheGetDirA

Sections

.text
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 275KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

85314473e363bcedbc1edb36e18abf58

Headers

File Characteristics

Imports

kernel32

shell32

Sections

.text Size: 137KB - Virtual size: 137KB

.data Size: 275KB - Virtual size: 301KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 137KB - Virtual size: 137KB

.data
Size: 275KB - Virtual size: 301KB

.rsrc
Size: 5KB - Virtual size: 4KB