16f30d40b67a941403e58d84db09cc7e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16f30d40b67a941403e58d84db09cc7e
Size

20KB
MD5

16f30d40b67a941403e58d84db09cc7e
SHA1

2ed45a26674fe83d641073ff9c9bd31c55aa8cb2
SHA256

d8cb6435c4d7ba52006d6cf9b67105396ea60ccacfbec85a6a4a49078fbc2b51
SHA512

e8fd09c4440ce4bf399965fe027ebf78bf554da1fb11b1b53d5ab52877d7549f255d99b500e6887812753057ecd81e705e2d627b881ce950a81f98b66d4b120e
SSDEEP

192:oJO4UDSZY87ox/ohus+NiuKRlD4J2KyINljnlS+KnNKWOjjcOsHj9wi/1XAOl0Ga:Ad0vsBRKJnKMjjcL9wKtAOl0szto

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16f30d40b67a941403e58d84db09cc7e

Files

16f30d40b67a941403e58d84db09cc7e
.exe windows:4 windows x86 arch:x86

263865f9ab980f8ba5bf74939c310ef3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcessHeap
GetFileAttributesA
GetTempPathA
CloseHandle
WaitForSingleObject
GetProcAddress
SetFilePointer
CreateFileA
lstrlenA
GetModuleFileNameA
SetEvent
LoadLibraryA
lstrcpyA
CreateEventA
RtlUnwind
ExitProcess
CreateThread
GetVersionExA
WriteFile
ExitThread
lstrcatA

user32

wsprintfA
DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
PeekMessageA
ShowWindow
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
BeginPaint
IsWindow
GetTopWindow

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ