16f1ec1142d5acbce003e22fe0f0d9bc10ffc3ead91c9bd18e5b90eaf6264a04

Sharing

Copy URL Twitter E-mail

General

Target

16f1ec1142d5acbce003e22fe0f0d9bc10ffc3ead91c9bd18e5b90eaf6264a04
Size

60KB
MD5

ea878f6dda57c498977113778e381966
SHA1

6aab483fdf5d8619e049fe6c6dd898f371148690
SHA256

16f1ec1142d5acbce003e22fe0f0d9bc10ffc3ead91c9bd18e5b90eaf6264a04
SHA512

ab53e6362ee91c322cbd47ce36c30a6ce093359e4621c2d2462c88a39bfd681a79d9d7e296d2dadcd9479f91c1fd5e4c43d86977fb6c1bf76ff3d5472c639e38
SSDEEP

768:hnIbKjg2l1NYj3zid3pv72T5SW1+ibPD7P1oXkaij8/LpOktQH8rHm:VnljaM2T5SWbPD7P1oXX1/NftQcrH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16f1ec1142d5acbce003e22fe0f0d9bc10ffc3ead91c9bd18e5b90eaf6264a04

Files

16f1ec1142d5acbce003e22fe0f0d9bc10ffc3ead91c9bd18e5b90eaf6264a04
.dll windows:4 windows x86 arch:x86

8eb54b64b0446f2461f7650caffee7e3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
CreateFileA
CloseHandle
DeviceIoControl
GetVersionExA
GetVersion
lstrcatA
lstrcpyA
GetDriveTypeA
lstrlenA
GetLogicalDriveStringsA
Sleep
FlushFileBuffers
WriteFile
ReadFile
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetFilePointer
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetStringTypeW
GetStringTypeA
HeapFree
HeapAlloc
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo

shlwapi

PathFileExistsA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

winscard

SCardConnectA
SCardDisconnect
SCardListReadersA
SCardTransmit
g_rgSCardT0Pci
SCardGetAttrib
SCardEstablishContext

Exports

Exports

HD_Prtcl_Connect
HD_Prtcl_DisConnect
HD_Prtcl_EumDevice
HD_Prtcl_Reset
HD_Prtcl_SendCmd

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8eb54b64b0446f2461f7650caffee7e3

Headers

File Characteristics

Imports

kernel32

shlwapi

setupapi

winscard

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB