12734d3517071c575db4ef8b41a98e5c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12734d3517071c575db4ef8b41a98e5c
Size

206KB
MD5

12734d3517071c575db4ef8b41a98e5c
SHA1

32dcd9a701b3a3b0f0703bbb68a2d3cc8e52ffed
SHA256

e74273fae72ca602598e528b43ab128cd037b74e62d620879a19b3634197607c
SHA512

610e81745ea8596576f8606841a33306a55aa05c0ce8a741871d413ba550e3d7288780e766d5f287f27b0de67fdd28c63954895f77fd0991c31cb07855134a12
SSDEEP

3072:3o9qqCsyce46GNmBgzT88ubnhWUOT9wKPdDiEJGVY+:3YqTkU2mn8ubYUOt1DibY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12734d3517071c575db4ef8b41a98e5c

Files

12734d3517071c575db4ef8b41a98e5c
.exe windows:4 windows x86 arch:x86

43a76d1b0a063e77765c809a2920ac70

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MulDiv
GetProcessHeap
IsDebuggerPresent
SetCurrentDirectoryA
GetLastError
GetCommandLineW
GetOEMCP
GetDriveTypeA
GetUserDefaultLangID
lstrcmpiW
GetModuleHandleW
GetACP
GetConsoleOutputCP
lstrlenA
GetCurrentThread
lstrcmpA
lstrlenW
GetCommandLineA
SetLastError
CopyFileA
GetVersion
GetStartupInfoA
lstrcmpiA
Sleep
QueryPerformanceCounter
GetWindowsDirectoryA
GetThreadLocale
GetTickCount
RemoveDirectoryA
GlobalFindAtomA
GetModuleHandleA
DeleteFileA
GlobalFindAtomW
GetCurrentThreadId
GetCurrentProcess
GetCurrentProcessId
DeleteFileW
VirtualAlloc
LoadLibraryW

user32

GetDesktopWindow
GetSystemMetrics
CharNextA
GetDC

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE