16024b312b16e577d4ac87e79ccb79e1

Sharing

Copy URL

Twitter E-mail

General

Target

16024b312b16e577d4ac87e79ccb79e1
Size

87KB
MD5

16024b312b16e577d4ac87e79ccb79e1
SHA1

4e92cdfd6c00b76e85632bf5a5f4cd644c3ff0d4
SHA256

9b3f388243b794921858cc4407791cefbc5f963e67bb09d9a0ccdba0d91fa7e8
SHA512

efa3f0f31757c89607bcc95cf7fc5d7963670803d743294a53eac622c0f092eaf5f4802066cdd9a4211732d15ea7377f6f2746dd4521ea7267c6db9a1c43fae3
SSDEEP

1536:nIOZAW+AfPoKR2m7QXwa0ihfkL9+HMCLSJ3NvXIvNapmsfRHzzOQGfi6z7j2nkUY:Iy+s77kf5Mfvw1a4sZPVGfnz/2T8XF6O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16024b312b16e577d4ac87e79ccb79e1

Files

16024b312b16e577d4ac87e79ccb79e1
.exe windows:4 windows x86 arch:x86

2227ec3a9d96de63aa5d60057e713762

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessAffinityMask
FillConsoleOutputAttribute
GetSystemDefaultLangID
GetSystemPowerStatus
FileTimeToDosDateTime
GetFileInformationByHandle
SetSystemPowerState
CancelIo
FindNextFileA
LockFile
VirtualFree
GetStringTypeExA
GetPrivateProfileIntA
SetConsoleActiveScreenBuffer
LocalHandle
RemoveDirectoryW
Toolhelp32ReadProcessMemory
HeapDestroy
OpenSemaphoreW
WriteFileGather
GetBinaryTypeW
FillConsoleOutputCharacterA
GetHandleInformation
EnumCalendarInfoW
CreateFileMappingW
SwitchToThread
GetEnvironmentStringsA
FileTimeToLocalFileTime
ReadDirectoryChangesW
FindFirstFileExA
GetAtomNameW
VirtualAlloc
BackupRead
SetLocalTime
SetPriorityClass
CallNamedPipeW
RemoveDirectoryA
EnumTimeFormatsW
GetUserDefaultLangID
GetCommTimeouts
GlobalDeleteAtom
GetModuleFileNameW
GetPrivateProfileStringW
FindCloseChangeNotification
VirtualFreeEx
LoadLibraryA
SetConsoleCP
SetProcessShutdownParameters
ReadConsoleA
SetConsoleCursorPosition
SetConsoleWindowInfo
GetLocalTime
SetCommConfig
GetTempPathA
GetTapeParameters
SetProcessWorkingSetSize
GetPrivateProfileStructW
WritePrivateProfileStringA
VirtualProtect
GetTempFileNameW
UnmapViewOfFile
IsDebuggerPresent
WriteProfileStringA
FillConsoleOutputCharacterW
ScrollConsoleScreenBufferW
MoveFileW
GetFileTime
GetProfileSectionA
SetFilePointer
GetModuleFileNameA
HeapCreate

shlwapi

SHOpenRegStream2A
SHRegOpenUSKeyA
StrRetToBufA
SHQueryValueExW
SHSetValueW
UrlIsNoHistoryW
PathStripPathW
UrlCreateFromPathW
PathRemoveExtensionW
StrToIntW
StrRChrIA
UrlCompareW
PathGetCharTypeW
StrCatBuffA
PathRemoveFileSpecW
StrCmpNIA
PathIsDirectoryW
PathRemoveArgsA
PathMakeSystemFolderA
PathAddExtensionW
PathIsNetworkPathA
UrlCompareA
HashData
PathCanonicalizeA
PathRemoveBackslashA
PathRelativePathToA
SHRegWriteUSValueA
ChrCmpIW
UrlIsA
SHRegOpenUSKeyW
PathRemoveExtensionA
SHCopyKeyW
PathCommonPrefixA
SHDeleteEmptyKeyW
StrRetToBufW
SHRegDeleteEmptyUSKeyA
SHRegQueryInfoUSKeyW
PathSetDlgItemPathW
StrToIntA
StrCmpNA
SHRegGetBoolUSValueW
ColorAdjustLuma
SHRegCreateUSKeyA
AssocQueryStringByKeyW
PathSearchAndQualifyA
SHRegQueryInfoUSKeyA
StrIsIntlEqualA
SHRegGetUSValueA
SHEnumValueW
UrlApplySchemeW
PathFindExtensionW
SHCreateStreamOnFileA
SHQueryValueExA
PathStripPathA
StrIsIntlEqualW
PathFileExistsW
PathCommonPrefixW
PathUnmakeSystemFolderA
PathIsRootW
PathUnquoteSpacesA
ChrCmpIA
StrRChrA
StrDupA
PathFileExistsA
SHDeleteValueW
StrChrW
PathRemoveArgsW
wvnsprintfA
PathFindExtensionA
PathBuildRootW
PathCompactPathExW
SHGetThreadRef
SHRegDuplicateHKey
PathCompactPathW
SHSetThreadRef

ole32

CreateBindCtx
CoQueryAuthenticationServices
CreateFileMoniker
OleSetContainedObject
GetHookInterface
OleCreateFromFileEx
SetConvertStg
OleGetIconOfFile
StringFromCLSID
ReadOleStg
CreateOleAdviseHolder
OleCreateLink
EnableHookObject
GetDocumentBitStg
GetRunningObjectTable
OleSetClipboard
CoQueryReleaseObject
IsAccelerator
DllDebugObjectRPCHook
CoGetCallContext
CoRevokeClassObject
OleGetClipboard
OleCreateLinkEx
ReleaseStgMedium
OleRegGetMiscStatus
CoReleaseServerProcess
OleCreate
OleCreateFromData
OleLoad
OleIsCurrentClipboard
IsEqualGUID
CoMarshalInterface
CoGetCurrentLogicalThreadId
OleRegEnumFormatEtc
ReadStringStream
CreateItemMoniker
CoCreateInstance
PropVariantCopy
CoCreateFreeThreadedMarshaler
RevokeDragDrop
GetConvertStg
CoLockObjectExternal
OleDestroyMenuDescriptor
OleNoteObjectVisible
StringFromIID
OleCreateStaticFromData
CoGetMalloc
PropVariantClear
OleCreateLinkToFile
OleCreateEx
OleLockRunning
CoTaskMemFree
OleCreateDefaultHandler
CLSIDFromProgID
MonikerCommonPrefixWith
SetDocumentBitStg
OleConvertOLESTREAMToIStorageEx
CoRegisterChannelHook
CoResumeClassObjects
CoUnmarshalHresult
OleTranslateAccelerator
CoTreatAsClass
CoGetStandardMarshal
CoQueryClientBlanket
WriteClassStg

advapi32

AddAccessDeniedAce
IsTextUnicode
RegQueryValueExA
RegCreateKeyA
SetEntriesInAclW
ReportEventA
RegCreateKeyW
LookupPrivilegeDisplayNameA
SetEntriesInAclA
DeregisterEventSource
LookupSecurityDescriptorPartsA
RegisterEventSourceA
CryptDecrypt
ClearEventLogA
ObjectPrivilegeAuditAlarmA
ControlService
SetThreadToken
GetExplicitEntriesFromAclA
RegUnLoadKeyA
GetAuditedPermissionsFromAclW
SetNamedSecurityInfoA
DuplicateToken
GetAccessPermissionsForObjectA
BuildTrusteeWithNameA
GetExplicitEntriesFromAclW
SetServiceBits
GetServiceKeyNameA
CryptAcquireContextW
CancelOverlappedAccess
ChangeServiceConfigA
ObjectOpenAuditAlarmW
RegOpenKeyW
CryptGetHashParam
RegisterServiceCtrlHandlerW
ObjectDeleteAuditAlarmW
OpenEventLogW
GetOldestEventLogRecord
SetTokenInformation
BackupEventLogW
SetSecurityInfoExA
GetOverlappedAccessResults
RegSetKeySecurity
RegQueryInfoKeyW
SetSecurityDescriptorGroup
RegEnumKeyExW
RegReplaceKeyA
SetEntriesInAccessListA
AllocateAndInitializeSid
RegConnectRegistryW
StartServiceCtrlDispatcherW
BuildSecurityDescriptorW
GetMultipleTrusteeW
ReadEventLogA
CryptReleaseContext
GetNamedSecurityInfoA
CryptGetDefaultProviderW
GetTrusteeTypeW
BuildImpersonateTrusteeW
GetSidLengthRequired
RevertToSelf
RegQueryValueExW
QueryServiceObjectSecurity
AddAccessAllowedAce
RegSetValueExA
CryptGenRandom
BuildSecurityDescriptorA
GetSecurityInfoExA
EnumDependentServicesA
CryptGetKeyParam
CryptDestroyHash
TrusteeAccessToObjectA
QueryServiceStatus
LookupPrivilegeValueW
CryptGetUserKey
ObjectOpenAuditAlarmA
RegEnumKeyW
AccessCheck
InitializeSecurityDescriptor
RegCreateKeyExW
GetAuditedPermissionsFromAclA
CreateProcessAsUserW
SetEntriesInAuditListA
StartServiceA
CloseEventLog
CryptEncrypt

user32

SetRect
EnableScrollBar
IsCharLowerA
SetMenuItemBitmaps
ToAscii
SetProcessDefaultLayout
GetForegroundWindow
DrawEdge
GetDlgCtrlID
SetPropA
FindWindowExW
ReplyMessage
EqualRect
IsWindowUnicode
GetCaretPos
TabbedTextOutA
GetFocus
GetMonitorInfoW
UnregisterDeviceNotification
SetFocus
SetTimer
InvalidateRgn
IsIconic
BroadcastSystemMessage
DdeFreeStringHandle
PackDDElParam
DdeSetUserHandle
SetMenuInfo
GetWindowTextLengthW
SendMessageTimeoutW
CloseDesktop
GetWindowTextW
CharLowerA
UpdateWindow
SetWindowRgn
CreateIconFromResource
ToUnicode
GetMessageTime
SystemParametersInfoW
EnumDisplaySettingsExA
SetClassLongW
BroadcastSystemMessageA
SetWindowsHookW
LoadAcceleratorsW
DdeAbandonTransaction
CreateMDIWindowW
ModifyMenuW
EnumDisplaySettingsExW
GetWindow
CharUpperBuffW
GetActiveWindow
SetWindowLongW
DrawTextExW
DrawIcon
SetClipboardData
ReuseDDElParam
IsDialogMessage
GetMessageExtraInfo
RegisterWindowMessageW
RemovePropA
DeferWindowPos
GetClassInfoExW
DlgDirListComboBoxA
RegisterHotKey
AnyPopup
IsCharAlphaNumericW
GetWindowTextLengthA
GrayStringA
EnumDisplayMonitors
GetSysColor
AppendMenuA
GrayStringW
CallWindowProcA
GetCursorInfo
ChangeDisplaySettingsExA
WindowFromDC
MessageBoxIndirectW
GetKeyState
CreateIconIndirect
CheckRadioButton
LoadKeyboardLayoutA
DdeCreateStringHandleW
DragDetect
LoadCursorW
DdePostAdvise
OemToCharW
GetGUIThreadInfo

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2227ec3a9d96de63aa5d60057e713762

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shlwapi

ole32

advapi32

user32

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: - Virtual size: 16KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: - Virtual size: 16KB