16808eeea166406c6060b3ff43138e44

Sharing

Copy URL Twitter E-mail

General

Target

16808eeea166406c6060b3ff43138e44
Size

20KB
MD5

16808eeea166406c6060b3ff43138e44
SHA1

7748f82b3856702072f0f8561d9dd26c69480029
SHA256

082ee8cb335b303e6f4d2288ca77a3def22f68305b6a5f2134486d38d97aa746
SHA512

9fa4197d53318fa8dcfe722cce30dbb8a86aa8fb40a65ccc787b243733c08b3cab8fbb376d1b2eb1f0ac292ed78b1c93f1d6dd8b43bd4ec66498bb7011fa928a
SSDEEP

384:ygpgj6N8nzmtVHV6YSA0RIL70KKn1xarN13b8swUXbG:yeg68nEqI0KK1xar7xXbG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16808eeea166406c6060b3ff43138e44

Files

16808eeea166406c6060b3ff43138e44
.dll windows:4 windows x86 arch:x86

65c272af2f6452ccdf295dc237645a59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
MapViewOfFile
CloseHandle
UnmapViewOfFile
GetCurrentProcess
GetVersionExA
CreateEventA
GetModuleFileNameA
SetSystemTime
FreeLibrary
GetSystemDirectoryA
DeviceIoControl
CreateFileA
WriteFile
LockResource
SizeofResource
LoadResource
FindResourceA
Sleep
OpenProcess
WaitForSingleObject
GetLastError
lstrcmpA
GetTickCount
lstrlenA
lstrcatA
GetTempPathA
CreateThread
LoadLibraryA
GetProcAddress
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
Process32Next
lstrcmpiA
GetSystemTime
ExitProcess

user32

PostMessageA
GetWindowThreadProcessId
IsWindow
SetWindowsHookExA
SetWindowTextA
GetParent
CallNextHookEx
FindWindowExA
GetWindowTextA
wsprintfA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetSecurityInfo
SetEntriesInAclA
SetSecurityInfo
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
DeleteService
OpenServiceA
StartServiceA
ControlService
OpenSCManagerA
RegNotifyChangeKeyValue

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Game
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65c272af2f6452ccdf295dc237645a59

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1024B - Virtual size: 1KB

.Game Size: 512B - Virtual size: 32B

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1024B - Virtual size: 1KB

.Game
Size: 512B - Virtual size: 32B

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB