12121e7da500f3202079e479ef8b42d3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12121e7da500f3202079e479ef8b42d3
Size

211KB
MD5

12121e7da500f3202079e479ef8b42d3
SHA1

0839a68206147462ed42e0c5dcfbed4fd703e7cb
SHA256

6d910e3b11dd262cb144e41295ef88bd6e8ddeaded3f927f1ca362e89d03d981
SHA512

fa2bde76e817e06d0ba9c8c3bfa48af0830b48b38066d6684e389d7e70df7aa45e18c22019ea925e0c9332175b18ac9e6c5bf0b0da1d6693dc94ffb8dd5e04d0
SSDEEP

3072:dIodrRkhU4c01vOBaXR06ll7Pb/N0GHpaEUydR81xNtFs0MFBTzr5xm:dZrRkXrj/7T/lHpZUym1x/MHzFxm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12121e7da500f3202079e479ef8b42d3

Files

12121e7da500f3202079e479ef8b42d3
.exe windows:1 windows x86 arch:x86

efb3507f8c0a0cf05a6b06fb67d6f9e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wasctime
_adjust_fdiv
_XcptFilter
__p__fmode
_ismbbalpha
_wmktemp
_acmdln
_except_handler3
memcpy
__getmainargs
_mbschr
_controlfp
__set_app_type
_exit
__p__commode
_execle
exit
__setusermatherr
_initterm

kernel32

ExpandEnvironmentStringsA
GlobalAddAtomA
GetSystemInfo
FreeEnvironmentStringsA
FindFirstFileA
GlobalReAlloc
GetStartupInfoA
lstrcmpA
HeapCreate
SetThreadAffinityMask
InterlockedIncrement
GetModuleHandleA
ExitThread
CreateEventA
SetUnhandledExceptionFilter

gdi32

GetBkColor

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 199KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 111B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ