12fd8897083e66b3fb6c40d13fb5b842c35b4767401afa50c41cd9edf7443e57 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12fd8897083e66b3fb6c40d13fb5b842c35b4767401afa50c41cd9edf7443e57
Size

13.4MB
MD5

a8fa44f68605edfd0aa17f29fdf9ec5c
SHA1

cad53b7e2d9dada6c1585a50864fa66ff1956af7
SHA256

12fd8897083e66b3fb6c40d13fb5b842c35b4767401afa50c41cd9edf7443e57
SHA512

07689b2feabd1eb0947e04080e6f2217b5a2fe2f8bdc1254665389a512c80c0b5fd0784f6fabadc8277515068b78eb7af542f22c3f881b9e41bcdb3c1e075075
SSDEEP

393216:DqK6lS+U++DNcEFmyEfXGhLK6VzIBaq00Fpv3TQfiLJPYdB:DOle++DNcEUy5L1y+STQfiLIB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12fd8897083e66b3fb6c40d13fb5b842c35b4767401afa50c41cd9edf7443e57

Files

12fd8897083e66b3fb6c40d13fb5b842c35b4767401afa50c41cd9edf7443e57
.exe windows x86

432fc55f13f2f44d1365d832cb8bcac4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rasapi32

RasHangUpA

winmm

midiStreamRestart

ws2_32

select

user32

GetClipboardData

gdi32

ExtSelectClipRgn

winspool.drv

OpenPrinterA

advapi32

RegQueryValueA

shell32

SHGetSpecialFolderPathA

ole32

CoGetClassObject

oleaut32

SafeArrayAccessData

comctl32

ImageList_Create

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

ChooseColorA

Sections

.text
Size: 2.5MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 207KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE