16f14819e0342149bc47ddc08838e746d7278cc21ee5dbe5694a271385245693

Sharing

Copy URL Twitter E-mail

General

Target

16f14819e0342149bc47ddc08838e746d7278cc21ee5dbe5694a271385245693
Size

413KB
MD5

8826e458a9ebbb9674fb9c0ed0a4c653
SHA1

d5590030daeb8dbd0e95e72808614f4d44c44efd
SHA256

16f14819e0342149bc47ddc08838e746d7278cc21ee5dbe5694a271385245693
SHA512

f2be6e40c620e836362231682dab7e61051d1c9d2e7fe8bf177bb722b1f954489c14381e2d0f0989c3c59b54cf292be16c6fc42493c5f0a5fc25d1faa4edc79b
SSDEEP

12288:bmcpDKg4pntbIuvi3P7YxSWjSlI99mtFLYCB5J:6gcx5jSlI9SVYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16f14819e0342149bc47ddc08838e746d7278cc21ee5dbe5694a271385245693

Files

16f14819e0342149bc47ddc08838e746d7278cc21ee5dbe5694a271385245693
.exe windows:5 windows x86 arch:x86

34fed7256851431a653fbfba67a765bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadFileEx
TransmitCommChar
GetCommConfig
SetCommConfig
SetCommBreak
ClearCommBreak
ClearCommError
GetDefaultCommConfigW
SetDefaultCommConfigW
GetCommState
SetCommState
EscapeCommFunction
GetCommProperties
GetCommModemStatus
SetCommMask
GetCommMask
FlushFileBuffers
PurgeComm
SetupComm
WaitCommEvent
GetTickCount
CreateEventW
WideCharToMultiByte
WaitForSingleObject
ResetEvent
SetEvent
LocalFree
FormatMessageW
FindResourceExW
CreateFileA
SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
WriteFileEx
SetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetCurrentProcessId
QueryPerformanceCounter
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetModuleHandleA
GetModuleFileNameA
GetStdHandle
ExitProcess
Sleep
HeapCreate
GetOverlappedResult
WriteFile
ReadFile
CloseHandle
CreateFileW
GetCommTimeouts
SetCommTimeouts
LoadLibraryW
GetProcAddress
lstrcmpiW
LoadLibraryExW
FreeLibrary
InitializeCriticalSection
GetLastError
GetModuleHandleW
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
InterlockedExchange
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
GetCurrentThreadId
OutputDebugStringW
GetLocalTime
GetModuleFileNameW
CreateDirectoryW
FindResourceW
SizeofResource
RaiseException
LoadResource
LockResource
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
MultiByteToWideChar
InterlockedDecrement
FindClose
lstrlenW
FindFirstFileW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
RtlUnwind
VirtualQuery
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
lstrlenA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
InterlockedCompareExchange
GetProcessHeap
HeapSize
HeapReAlloc
GetFullPathNameW
SetLastError
HeapFree
HeapAlloc
HeapDestroy

user32

DrawTextW
EndDialog
CreateWindowExW
DestroyWindow
SetWindowLongW
MoveWindow
GetClientRect
SendMessageW
SetWindowPos
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetWindowLongW
GetWindowRect
GetWindow
GetParent
LoadImageW
GetDlgItem
GetClassInfoExW
LoadCursorW
RegisterClassExW
CharNextW
GetSysColor
DefWindowProcW
GetWindowTextW
GetWindowTextLengthW
InvalidateRect
SetWindowRgn
CopyRect
CallWindowProcW
GetIconInfo
SetWindowTextW
ScreenToClient
ShowWindow
EnableWindow
SetDlgItemTextW
LoadIconW
BeginPaint
EndPaint
IsWindowVisible
UnregisterClassA
PostMessageW
IsWindow
DrawFocusRect
GetSystemMetrics
GetActiveWindow
DialogBoxParamW
SetCursor
KillTimer
SetTimer

gdi32

CreatePen
GetDIBColorTable
CreateSolidBrush
CreateRoundRectRgn
TextOutW
StretchBlt
SetBkMode
DeleteObject
CreateCompatibleBitmap
SetViewportOrgEx
CreateCompatibleDC
SelectObject
SetDIBColorTable
CreateDIBSection
BitBlt
DeleteDC
CreateFontIndirectW
SetBkColor
ExtTextOutW
GetTextExtentPoint32W
RoundRect
Rectangle
Polyline
LineTo
MoveToEx
SetTextColor
RestoreDC
SaveDC
GetStockObject
GetObjectW
ExcludeClipRect

advapi32

RegEnumKeyExW
RegDeleteValueW
RegCloseKey
RegQueryInfoKeyW
RegSetValueExW
RegDeleteKeyW
RegOpenKeyExW
RegCreateKeyExW

ole32

OleRun
CoCreateInstance
CreateStreamOnHGlobal
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VariantCopy
VariantClear
GetErrorInfo
SysStringByteLen
VariantInit
VarUI4FromStr
VariantChangeType
SysAllocStringByteLen

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

TransparentBlt

gdiplus

GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageI
GdiplusStartup
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipAlloc
GdipCloneImage
GdipFree
GdipDisposeImage
GdiplusShutdown
GdipBitmapGetPixel
GdipDrawImageRectRect
GdipDrawImageRectI
GdipCreateFromHDC
GdipSetImageAttributesRemapTable
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0

wininet

HttpOpenRequestW
InternetSetStatusCallbackW
InternetOpenW
InternetReadFileExW
InternetQueryDataAvailable
HttpQueryInfoW
InternetGetLastResponseInfoW
HttpSendRequestW
InternetSetOptionW
InternetConnectW
InternetQueryOptionW
InternetCanonicalizeUrlW
InternetCloseHandle

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34fed7256851431a653fbfba67a765bf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

msimg32

gdiplus

wininet

Sections

.text Size: 159KB - Virtual size: 158KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 15KB

.rsrc Size: 206KB - Virtual size: 206KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 159KB - Virtual size: 158KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 15KB

.rsrc
Size: 206KB - Virtual size: 206KB

.reloc
Size: 11KB - Virtual size: 10KB