12bfa77b7af7778ecdbd38dbe9311960 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12bfa77b7af7778ecdbd38dbe9311960
Size

22KB
MD5

12bfa77b7af7778ecdbd38dbe9311960
SHA1

4250c95c2320a8a997e8c504a935c3f24dc053ce
SHA256

70f6f97a4ce8ffd4407767f19456101a4155266c6be069093c0001fbf4e136e4
SHA512

e07df5cf8d0fa1db4eea41cb3336c4a8947f2c44e0036a981cdb95b99ee99296f0a03ba3b367ed680ae42207fe885a8ae5dbc3790042f42866e83f0ad9158c6b
SSDEEP

384:RWhXTgRHe7Wul+K2IMpL0bbRTZqBzcXcVbZUSJW276F0PnURZwU2MPvc:OBP2bwbbeBcuUd8nU9VP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12bfa77b7af7778ecdbd38dbe9311960

Files

12bfa77b7af7778ecdbd38dbe9311960
.exe windows:6 windows x64 arch:x64

ced2d68b5b04decf5eab2626d76b168a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateFileA
CloseHandle
HeapAlloc
GetProcessHeap
GetSystemTime
lstrcmpA
WriteFile
ExitProcess
GlobalAlloc
GetTimeFormatA
GetCommandLineA
HeapFree
VirtualAlloc
VirtualProtect

user32

MessageBoxA
SetCursor
GetCursor
OpenClipboard

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ