Static task
static1
Behavioral task
behavioral1
Sample
16f0c6ae69c7d56de6260a0967cb9f34.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
16f0c6ae69c7d56de6260a0967cb9f34.exe
Resource
win10v2004-20231215-en
General
Target
16f0c6ae69c7d56de6260a0967cb9f34
Size
180KB
MD5
16f0c6ae69c7d56de6260a0967cb9f34
SHA1
57aa4212e42dd4ed24f831cc6b7287f1971b3768
SHA256
36f626328f511fea112173a9da89198c257b1cdf573e155963883323071344c6
SHA512
6b1e7a9cc8a477d79eeec8b0ff73f8104fce4e0584f749aa24ed701bc34320d932a9a59da1174284823ec04e543630efd42e18f0930f036d24d8c1bd555e4cd3
SSDEEP
3072:fw3Ty571HJbV6mjiivKnNUw+EHE/XrC4m5Kynkz79xWgPMi2avRY/yo:43TgNH6mjQ8EHE/Xr/k67rWd
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 16f0c6ae69c7d56de6260a0967cb9f34
Files
16f0c6ae69c7d56de6260a0967cb9f34.exe windows:4 windows x86 arch:x86
116f2289c7f8865cb4a9586061e592da
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
    timeEndPeriod
newdev
    UpdateDriverForPlugAndPlayDevicesW
shlwapi
    PathCombineW
    PathAppendW
    SHGetValueW
    PathRemoveFileSpecW
    PathFileExistsW
rpcrt4
    NdrByteCountPointerFree
    UuidCreate
kernel32
    WriteProcessMemory
    GetThreadContext
    FlushInstructionCache
    GlobalFree
    GetLastError
    GlobalAlloc
    DuplicateHandle
    GetVersionExW
    GetCurrentThreadId
    ExitProcess
    CreateFileW
    GlobalLock
    SetLocaleInfoW
    VirtualProtectEx
    WaitForSingleObject
    GetCurrentProcess
    GlobalUnlock
    TlsSetValue
    SetLastError
    GetTempPathW
Sections
.text Size: 110KB - Virtual size: 109KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 976B
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 66KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 112KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ