716c1661cb0ce84b2237f47d4513f70d

Sharing

Copy URL

Twitter E-mail

General

Target

716c1661cb0ce84b2237f47d4513f70d
Size

169KB
MD5

716c1661cb0ce84b2237f47d4513f70d
SHA1

44e0e5a85352b35daa41032a90df2cdc2fa458a0
SHA256

97e84b99983c8408d3d0c52b89ea8dd49b920f45f769388b7455d3dee9a9befd
SHA512

857ed75f5e11bb89665866b6a05dc3a5bcff377fde63e7d55d007fbc8f1a6fd35599ab6e1d636d79f582cb6254ffbccda18dd3502584d1f743468f63d062336d
SSDEEP

3072:sy+oLJ2cqS+M+DJXyoCAB17lDGdcljKotljy8kMiX/9jfpqKIsciU:s6LJ2cqS3YJXybABtlK2lVQ9jIKFciU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
716c1661cb0ce84b2237f47d4513f70d

Files

716c1661cb0ce84b2237f47d4513f70d
.exe windows:4 windows x86 arch:x86

41e8a6cfc5efd1d16a97a6a21bb291d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

kernel32

LocalAlloc
GetShortPathNameW
CreateFileW
GetTickCount
Sleep
LocalFree
WriteFile
GetProcessAffinityMask
UnmapViewOfFile
DisableThreadLibraryCalls
EnumResourceTypesW
MapViewOfFile
CreateFileA
GlobalAlloc
GetFileAttributesA
GlobalFree
WideCharToMultiByte
ReadFile
SetFilePointer
CreateFileMappingA
GlobalSize
GetFileSize
CloseHandle

gdiplus

GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipFree
GdipAlloc
GdipGetImagePixelFormat
GdipDisposeImage
GdipCloneImage

winmm

timeGetTime
timeSetEvent

ole32

CreateItemMoniker
OleInitialize
OleUninitialize
CreateBindCtx
StgCreateDocfile
CoTaskMemAlloc
CoTaskMemFree
OleLockRunning
CoSetProxyBlanket
StgIsStorageFile
CLSIDFromProgID
CoGetClassObject
StgOpenStorage
CoTaskMemRealloc
StringFromGUID2
CoInitialize
CreateStreamOnHGlobal
BindMoniker
GetRunningObjectTable
CoUninitialize
CoInitializeSecurity
CoCreateInstance
CLSIDFromString

user32

SetFocus
GetParent
GetDesktopWindow
RegisterClassExA
InvalidateRgn
CreateWindowExA
CreateDialogParamA
GetDlgItem
LoadCursorA
SetRect
CopyRect
GetClientRect
FillRect
SetWindowTextA
GetQueueStatus
GetDC
EnumDisplayDevicesA
UnregisterClassA
DispatchMessageA
GetSysColor
wsprintfA
MoveWindow
SendNotifyMessageA
RedrawWindow
FindWindowA
SendMessageA
SendMessageTimeoutA
EqualRect
DefWindowProcA
DrawTextA
PeekMessageA
SetCapture
RegisterWindowMessageA
CallWindowProcA
GetWindowLongA
SetWindowLongA
DestroyWindow
PostMessageA
PostThreadMessageA
DestroyAcceleratorTable
CreateAcceleratorTableA
SetTimer
GetClassInfoExA
BeginPaint
GetWindowRect
IsWindow
SetParent
GetClassNameA
GetActiveWindow
MsgWaitForMultipleObjects
GetWindowTextLengthA
IsChild
CharNextA
GetWindowTextA
GetWindow
GetFocus
EndPaint
KillTimer
ReleaseCapture
ShowWindow
wvsprintfA
ReleaseDC
InvalidateRect
SetWindowPos

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

shlwapi

PathFileExistsW
PathCombineW

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueA

advapi32

CryptGetHashParam
RegQueryInfoKeyA
CryptHashData
CryptAcquireContextA
CryptDestroyHash
RegCreateKeyExA
CryptDestroyKey
RegDeleteValueA
RegEnumValueA
RegCloseKey
CryptImportKey
RegSetValueExA
RegEnumKeyExA
CryptEncrypt
CryptCreateHash
RegQueryValueExA
RegOpenKeyExA
CryptReleaseContext
RegDeleteKeyA

gdi32

ExtEscape
BitBlt
StretchDIBits
CreateSolidBrush
DeleteObject
RealizePalette
SetStretchBltMode
GetDIBits
CreateDIBSection
CreateFontA
GetObjectA
CreateCompatibleDC
DeleteDC
CreateCompatibleBitmap
GetDeviceCaps
GetStockObject
SelectObject
CreateDIBitmap
SelectPalette
SetBkMode

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41e8a6cfc5efd1d16a97a6a21bb291d2

Headers

File Characteristics

Imports

setupapi

kernel32

gdiplus

winmm

ole32

user32

wininet

shlwapi

version

advapi32

gdi32

shell32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 65KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 96KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 65KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 96KB