12556f72f0ac4a9a00aa5c6389daccbc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12556f72f0ac4a9a00aa5c6389daccbc
Size

146KB
MD5

12556f72f0ac4a9a00aa5c6389daccbc
SHA1

ba2caa857337f1499fd5114c0dbff232c83d2d6a
SHA256

491baabb173aa8471a9f0fbd84deaf1f82e89c7330581c041f93d90724c6695d
SHA512

6e41805eb67b786f9a85dff3f5a9de95b0817271290c226ed9b58acefa93cc7c939cc6e02456fcdf6289ed03354359f78ff2e0d7331fd120a465de6a7d31c56e
SSDEEP

3072:NhV86q4rOberL1lTzSUm0IvpQQEnxRd4fvrGeJUkMTxh:DS6X19zSp0Iv2QgCvZdM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12556f72f0ac4a9a00aa5c6389daccbc

Files

12556f72f0ac4a9a00aa5c6389daccbc
.exe windows:1 windows x86 arch:x86

f2509fd50de8e34d7e52f2cb95c5fbcb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

UpdateResourceA
SetConsoleInputExeNameA
WriteConsoleOutputA
MulDiv
GetNamedPipeHandleStateA
CloseHandle
LocalShrink
VirtualAllocEx
GlobalFindAtomA
GetPrivateProfileSectionNamesA
ExitProcess
SetConsoleOutputCP
lstrlenA
MultiByteToWideChar
ReadConsoleOutputAttribute
FindResourceExA
GetConsoleTitleA
SetHandleInformation
GetStdHandle
GetFileAttributesExA
MulDiv
ChangeTimerQueueTimer
GlobalMemoryStatusEx

winspool.drv

EnumPortsA

user32

CreateDialogIndirectParamA
CreateCaret
GetKeyboardLayoutNameA
GetUpdateRgn
GetUpdateRect
ReleaseCapture
DlgDirSelectExA
GetRawInputData
GetWindowTextA
SetClassLongA

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 88KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ