16d0c8c481b00d3915fbaac2345c2ce8

Sharing

Copy URL Twitter E-mail

General

Target

16d0c8c481b00d3915fbaac2345c2ce8
Size

76KB
MD5

16d0c8c481b00d3915fbaac2345c2ce8
SHA1

dc8af9e0ea9c39bbcf266c9b3be03ef14638705b
SHA256

5f52ece706e74152017396d8bea18b73a3be90a3c1caed55269511ccd187400a
SHA512

0eb2f442ede26af6f5244a28e9c6aadd25d5fa99f0415a1fbce9a809229a35b6bc3d7e6957c48e9dcc246a5d79c3188090761ac4780b3cb6cbbb6e6622009bf1
SSDEEP

1536:d99SHqMcH2kHb/q5S+UqqKW+sfBWemZwcn1jXER32li:jkcTb/qFUqqKWjfBfmXY2i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16d0c8c481b00d3915fbaac2345c2ce8

Files

16d0c8c481b00d3915fbaac2345c2ce8
.exe windows:4 windows x86 arch:x86

46e3f9ba8d76e6e9f84227750a498a8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
memcpy
strcpy
strlen
strcat
strncpy
fopen
malloc
free
fclose
exit
fprintf
sprintf
fwrite
fflush
ferror
getenv
sscanf
fseek
strncmp
floor
_iob
_setjmp
_isnan
_lseek
_close
_fstat
_open
_read
_write

user32

wsprintfA
GetKeyState
keybd_event
GetAsyncKeyState
GetCursorPos
GetMessageExtraInfo
GetSystemMetrics
mouse_event
GetDesktopWindow
GetDC
SetCursorPos
SwapMouseButton
wvsprintfA
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows
DestroyIcon
FillRect
GetWindowLongA
CallWindowProcA
DefWindowProcA
SetWindowLongA
GetWindowTextA
SetWindowTextA
DestroyWindow
SendMessageA
GetParent
CreateWindowExA
PostMessageA
LoadCursorA
LoadIconA
RegisterClassA
GetSysColor
AdjustWindowRect
GetActiveWindow
GetWindowRect
ShowWindow
GetWindow
SetActiveWindow
SetWindowPos
PeekMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
GetClassNameA
SetFocus
UnregisterClassA
DestroyAcceleratorTable
GetFocus
IsChild
EnumChildWindows
CreateAcceleratorTableA
LoadImageA
SetCursor
SystemParametersInfoA
SetCapture
MapWindowPoints
ReleaseCapture
MoveWindow
EnumDisplaySettingsA
OpenClipboard
EmptyClipboard
CloseClipboard
GetClipboardData
SetClipboardData
ReleaseDC

gdi32

BitBlt
GetObjectType
DeleteObject
CreateDCA
CreateCompatibleBitmap
GetObjectA
GetStockObject
DeleteDC
CreateCompatibleDC
SelectObject
GetDIBits
CreateBrushIndirect
GetDeviceCaps
CreateSolidBrush
CreatePen
SetTextAlign
SetTextColor
SetPixelV
Rectangle
SetROP2
SetBkMode

advapi32

GetUserNameA
RegCreateKeyExA
RegConnectRegistryA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegDeleteKeyA

wsock32

closesocket
WSACleanup
WSAStartup
send
socket
gethostbyname
htons
connect
ioctlsocket
recv
WSAGetLastError

comctl32

InitCommonControls

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
OpenProcess
TerminateProcess
CloseHandle
GetModuleFileNameA
Sleep
GlobalAlloc
GlobalFree
GetComputerNameA
CreateFileA
DeviceIoControl
Beep
GetDriveTypeA
HeapDestroy
HeapReAlloc
FreeLibrary
GetProcAddress
HeapAlloc
LoadLibraryA
IsBadReadPtr
HeapFree
CreateThread
GetCurrentThreadId
GetCurrentProcessId
WriteFile
GetFileSize
ReadFile
WaitForSingleObject
GetTickCount
CopyFileA
FindFirstFileA
FindClose
FindNextFileA
DeleteFileA
MoveFileA
SetFilePointer
GlobalLock
GlobalUnlock

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteExA

Sections

.text
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46e3f9ba8d76e6e9f84227750a498a8b

Headers

File Characteristics

Imports

crtdll

user32

gdi32

advapi32

wsock32

comctl32

kernel32

shell32

Sections

.text Size: 59KB - Virtual size: 58KB

.data Size: 12KB - Virtual size: 16KB

.flat Size: 1024B - Virtual size: 910B

.text
Size: 59KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 16KB

.flat
Size: 1024B - Virtual size: 910B