c16aaf6ca044668907a7b20d7922070f

Sharing

Copy URL Twitter E-mail

General

Target

c16aaf6ca044668907a7b20d7922070f
Size

458KB
MD5

c16aaf6ca044668907a7b20d7922070f
SHA1

9c850548557d0ff0cfb809bb06b4139930f0dc42
SHA256

9669b19c59e0ff9d9a0df4773b639fed6d635cca6fcf5b7bb0bd77945f976d2e
SHA512

99a82bc09684854074f6599122255020de3db123ed0f49c4fa66ad88aa41643250f04252dc44b0df025a817a4046ee940edb2c4841746db5b6ed07e1f2440db9
SSDEEP

6144:0aCC/CVb6h7iEIlAOivFl/vShq8xrAd+Dd9H+BTEusi+0VZNjSDvwRUA5Q3cuLZE:DKVb6V0la1IzJ9eBB+0IDWUA5Q3JNz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c16aaf6ca044668907a7b20d7922070f

Files

c16aaf6ca044668907a7b20d7922070f
.exe windows:5 windows x86 arch:x86

ecf3b92edf841ce48743750fe64ac3bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalSize
LocalUnlock
SizeofResource
LoadResource
FindResourceExW
FindResourceExA
GetModuleHandleW
DisableThreadLibraryCalls
GetCurrentThreadId
IsDBCSLeadByteEx
SearchPathW
ExpandEnvironmentStringsW
LoadLibraryExW
GlobalAddAtomW
GetSystemDirectoryW
GetComputerNameW
GetCurrentProcess
GetCurrentThread
ExitThread
GetExitCodeThread
CreateThread
HeapReAlloc
GlobalHandle
FoldStringW
Sleep
GetStringTypeW
GetStringTypeA
GetCPInfo
HeapSize
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
ReadFile
SetFileTime
GetFileTime
GetSystemWindowsDirectoryW
CopyFileW
MoveFileW
DeleteFileW
CreateProcessW
AddAtomA
AddAtomW
GetAtomNameW
GetAtomNameA
IsValidLocale
ConvertDefaultLocale
CompareStringW
GetCurrentDirectoryW
SetCurrentDirectoryW
lstrlenW
GetLogicalDrives
FindClose
FindNextFileW
FindFirstFileW
GetThreadLocale
VirtualFree
ProcessIdToSessionId
GetCurrentProcessId
InterlockedCompareExchange
IsDBCSLeadByte
LCMapStringW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
lstrlenA
GlobalFindAtomA
GetModuleFileNameA
GetModuleHandleA
GlobalAddAtomA
DelayLoadFailureHook
LoadLibraryA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalLock
LocalReAlloc
GetACP
GetOEMCP
InterlockedIncrement
InterlockedDecrement
SetLastError
GlobalFindAtomW
GlobalAlloc
MultiByteToWideChar
GlobalReAlloc
GetLastError
GetProcAddress
LoadLibraryW
FreeLibrary
lstrcpynW
CreateFileW
WritePrivateProfileStringW
lstrcmpiW
SetEvent
WaitForMultipleObjectsEx
WideCharToMultiByte
GlobalFlags
GetLocaleInfoW
GlobalFree
GetModuleFileNameW
GlobalGetAtomNameW
GlobalGetAtomNameA
InterlockedExchange
DeleteAtom
LocalAlloc
GlobalDeleteAtom
LocalFree
GlobalSize
GlobalLock
GlobalUnlock
GetUserDefaultLCID
HeapAlloc
HeapFree
lstrcpyW
lstrcatW
GetPrivateProfileStringW
RegisterWaitForInputIdle

gdi32

GetClipRgn
ExtSelectClipRgn
GetHFONT
GetMapMode
SetGraphicsMode
GetClipBox
CreateRectRgn
CreateRectRgnIndirect
SetLayout
GetBoundsRect
ExcludeClipRect
PlayEnhMetaFile
CreatePen
Ellipse
CreateEllipticRgn
GdiFixUpHandle
GetTextCharacterExtra
SetTextCharacterExtra
GetCurrentObject
GetViewportOrgEx
SetViewportOrgEx
PolyPatBlt
CreateBrushIndirect
SetBoundsRect
CopyEnhMetaFileW
CopyMetaFileW
GetPaletteEntries
CreatePalette
SetPaletteEntries
bInitSystemAndFontsDirectoriesW
bMakePathNameW
cGetTTFFromFOT
GetPixel
ExtTextOutA
GetTextCharsetInfo
QueryFontAssocStatus
GetCharWidthInfo
GetCharWidthA
GetTextFaceW
GetCharABCWidthsA
GetCharABCWidthsW
SetBrushOrgEx
CreateFontIndirectW
EnumFontsW
GetTextFaceAliasW
GetTextMetricsW
GetTextColor
GetBkMode
GetViewportExtEx
GetWindowExtEx
GdiGetCharDimensions
GdiGetCodePage
GetTextCharset
GdiPrinterThunk
GdiAddFontResourceW
TranslateCharsetInfo
SaveDC
OffsetWindowOrgEx
RestoreDC
ExtTextOutW
GetObjectType
GetDIBits
CreateDIBSection
SetStretchBltMode
SelectPalette
RealizePalette
SetDIBits
CreateDCW
CreateDIBitmap
CreateCompatibleBitmap
SetBitmapBits
DeleteDC
GdiValidateHandle
GdiProcessSetup
CreateSolidBrush
GetStockObject
CreateCompatibleDC
GdiConvertBitmapV5
GdiCreateLocalEnhMetaFile
GdiCreateLocalMetaFilePict
GetRgnBox
CombineRgn
OffsetRgn
MirrorRgn
EnableEUDC
GdiConvertToDevmodeW
GetTextExtentPointA
GetTextExtentPointW
CreateBitmap
SetLayoutWidth
PatBlt
TextOutA
TextOutW
BitBlt
GdiConvertAndCheckDC
StretchBlt
SetRectRgn
GdiReleaseDC
GdiConvertEnhMetaFile
GdiConvertMetaFilePict
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
GetDIBColorTable
GetDeviceCaps
StretchDIBits
GetLayout
SetBkColor
SetTextColor
GetObjectW
GetBkColor
SetBkMode
SelectObject
IntersectClipRect
GetTextAlign
SetTextAlign
GdiDllInitialize

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 13B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aadata
Size: 2KB - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.o99pa
Size: 2KB - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.o9code
Size: 2KB - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aao
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iq
Size: 2KB - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oooa
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb2
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb3
Size: 2KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb4
Size: 2KB - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb5
Size: 2KB - Virtual size: 6B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb6
Size: 2KB - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb7
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.obb9
Size: 2KB - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oaps
Size: 2KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sef
Size: 2KB - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sef0
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sef3
Size: 2KB - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sef4
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 2KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ecf3b92edf841ce48743750fe64ac3bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 10KB - Virtual size: 8KB

.data Size: 2KB - Virtual size: 812B

.tls Size: 2KB - Virtual size: 13B

.aadata Size: 2KB - Virtual size: 483B

.o99pa Size: 2KB - Virtual size: 115B

.o9code Size: 2KB - Virtual size: 242B

.aao Size: 128KB - Virtual size: 127KB

.iq Size: 2KB - Virtual size: 60B

.oooa Size: 4KB - Virtual size: 2KB

.obb Size: 2KB - Virtual size: 512B

.obb2 Size: 2KB - Virtual size: 512B

.obb3 Size: 2KB - Virtual size: 512B

.obb4 Size: 2KB - Virtual size: 256B

.obb5 Size: 2KB - Virtual size: 6B

.obb6 Size: 2KB - Virtual size: 200B

.obb7 Size: 2KB - Virtual size: 1KB

.obb9 Size: 2KB - Virtual size: 30B

.oaps Size: 2KB - Virtual size: 300B

.sef Size: 2KB - Virtual size: 110B

.sef0 Size: 128KB - Virtual size: 127KB

.sef3 Size: 2KB - Virtual size: 110B

.sef4 Size: 128KB - Virtual size: 127KB

.CRT Size: 2KB - Virtual size: 8B

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 2KB - Virtual size: 364B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 10KB - Virtual size: 8KB

.data
Size: 2KB - Virtual size: 812B

.tls
Size: 2KB - Virtual size: 13B

.aadata
Size: 2KB - Virtual size: 483B

.o99pa
Size: 2KB - Virtual size: 115B

.o9code
Size: 2KB - Virtual size: 242B

.aao
Size: 128KB - Virtual size: 127KB

.iq
Size: 2KB - Virtual size: 60B

.oooa
Size: 4KB - Virtual size: 2KB

.obb
Size: 2KB - Virtual size: 512B

.obb2
Size: 2KB - Virtual size: 512B

.obb3
Size: 2KB - Virtual size: 512B

.obb4
Size: 2KB - Virtual size: 256B

.obb5
Size: 2KB - Virtual size: 6B

.obb6
Size: 2KB - Virtual size: 200B

.obb7
Size: 2KB - Virtual size: 1KB

.obb9
Size: 2KB - Virtual size: 30B

.oaps
Size: 2KB - Virtual size: 300B

.sef
Size: 2KB - Virtual size: 110B

.sef0
Size: 128KB - Virtual size: 127KB

.sef3
Size: 2KB - Virtual size: 110B

.sef4
Size: 128KB - Virtual size: 127KB

.CRT
Size: 2KB - Virtual size: 8B

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 2KB - Virtual size: 364B