12d324a0e8849ab7be84731a99857b52

General

Target

12d324a0e8849ab7be84731a99857b52
Size

309KB
MD5

12d324a0e8849ab7be84731a99857b52
SHA1

543a75fa8ffd0628d3909b440c35d3154c9577e8
SHA256

5cfcfae2222e3ee99d9e32e2f2878b076eed86432936c69c89ca299cdec1e868
SHA512

ac1a85ce35d43bfcd390359df21365d0245eba491552a8b57c737e73671a0f8c10206dad311992fdf8c6b65a9e8c210a6dc0d23f1a1eb46254cee0b702adb494
SSDEEP

6144:Pppu2ZORbgxGxymg8AWWv9hx/WsleAOY+7ALDRtd+8JfTYIl6V6TvYo2:xo2ZOuc3+35leA6sLd+SwQTvYo2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12d324a0e8849ab7be84731a99857b52

Files

12d324a0e8849ab7be84731a99857b52
.dll windows:4 windows x86 arch:x86

770adec82fe0747cab1f4fca9ecaee90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

wcsrchr
wcslen
wcscpy
wcscmp
wcscat
vsprintf
strrchr
strlen
strcpy
strcmp
strcat
sprintf
memset
memcpy
malloc
log10
fwrite
fseek
fread
fopen
floor
fflush
fclose
ceil
_wstati64
_wfindnext64
_stati64
_stat
_errno
_beginthreadex
__dllonexit

winmm

mciDriverYield
midiOutShortMsg

kernel32

WaitForSingleObject
VirtualAlloc
Sleep
SetThreadPriority
SetThreadAffinityMask
SetEvent
ResetEvent
QueryPerformanceCounter
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GetTickCount
GetThreadPriority
GetSystemTimeAsFileTime
GetSystemInfo
GetProcessPriorityBoost
GetProcessAffinityMask
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
FreeLibrary
ExitProcess
EnterCriticalSection
DeleteCriticalSection
CreateEventA
CloseHandle

Exports

Exports

CloseDevice
GetIntegerv
GetProcAddress
PreprocessShaderFromFileW
ReadServerSupportsIsADControl

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

770adec82fe0747cab1f4fca9ecaee90

Headers

File Characteristics

Imports

msvcrt

winmm

kernel32

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 49KB

.rdata Size: 139KB - Virtual size: 138KB

.data Size: 67KB - Virtual size: 67KB

.rsrc Size: 49KB - Virtual size: 49KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 49KB - Virtual size: 49KB

.rdata
Size: 139KB - Virtual size: 138KB

.data
Size: 67KB - Virtual size: 67KB

.rsrc
Size: 49KB - Virtual size: 49KB

.reloc
Size: 3KB - Virtual size: 2KB