12d5a840f943f4050cd3192f1570be53 | Triage

Sharing

General

Target

12d5a840f943f4050cd3192f1570be53
Size

2KB
MD5

12d5a840f943f4050cd3192f1570be53
SHA1

63e0726a75bdf0276a6b35e58ed472ed9e9df7b6
SHA256

71f8f2dcdb9d9f63d9cf3bfef1066e1f80f10bc5093cfc61c575919071a0dd65
SHA512

b709cce2b4e786dd75e633af42d597228bd88056d4668cc37ea7f206bf891ff1bbd7f7594ae8837dcd4e87e5cfe18bc6dd2b411b1d98a0edc5a73583b542d817

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12d5a840f943f4050cd3192f1570be53

Files

12d5a840f943f4050cd3192f1570be53
.exe windows:4 windows x86 arch:x86

63fae2c5965325c699631b7027a5ce1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowThreadProcessId
FindWindowA

kernel32

GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
TerminateProcess
CloseHandle
CreateProcessA
CreateRemoteThread
ExitProcess
GetProcAddress
GetStartupInfoA
OpenProcess
Sleep

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE