12708121c084d51bbd38f828da633994

General

Target

12708121c084d51bbd38f828da633994
Size

56KB
MD5

12708121c084d51bbd38f828da633994
SHA1

21ce8be9c916e0bcb3d3aa1e90c65b99ca91ff60
SHA256

0bd75ab283983f9dad606a13515c010172f7f490385b7dc2f8502ce71c29aa9a
SHA512

83196acf88f964736ddaa5a01831b0897dc403c9d023dfca05a16aa87798cda14579e85abb0d9d7d20d91dd3d31a5577299c69190c03b874bdf3dce664f38a6b
SSDEEP

1536:PT6UmhibLWnoWrutP9SMt1JR5/v9yM5LwW2AZIaBfzorcP:76UR11HDX/vQiLrLZIgzoYP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12708121c084d51bbd38f828da633994

Files

12708121c084d51bbd38f828da633994
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

5b6c41091d79aafd2ed3e43177e73197

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AreFileApisANSI
CallNamedPipeA
CloseProfileUserMapping
CreateProcessW
DebugActiveProcess
EndUpdateResourceA
EnumTimeFormatsW
ExitProcess
FindResourceW
FoldStringW
FreeLibrary
GetConsoleMode
GetConsoleOutputCP
GetPrivateProfileStructW
GetProcessHeaps
GetQueuedCompletionStatus
GetStringTypeA
HeapFree
LCMapStringA
LocalReAlloc
MoveFileA
PurgeComm
ReadConsoleInputA
SetCalendarInfoA
SetCommTimeouts
SignalObjectAndWait
UnmapViewOfFile
WriteFileEx
lstrcmpW

user32

BroadcastSystemMessageW
DdeDisconnect
DdeInitializeW
DefDlgProcW
DefWindowProcA
DrawMenuBarTemp
FindWindowExA
GetClipboardData
GetKeyboardLayout
GetMenuInfo
GetMonitorInfoA
IMPSetIMEW
InSendMessage
IsRectEmpty
LoadKeyboardLayoutW
OpenClipboard
OpenDesktopW
PeekMessageA
RealGetWindowClass
RegisterClassA
SetCapture
SetInternalWindowPos
SetMessageExtraInfo
TileWindows
UnregisterHotKey
WaitMessage
WindowFromPoint

gdi32

AngleArc
CreateDCW
CreateICW
CreatePen
CreatePolyPolygonRgn
GdiComment
GdiFlush
GetBoundsRect
GetEnhMetaFilePaletteEntries
GetFontData
GetLayout
GetMetaRgn
GetMiterLimit
GetROP2
GetTextCharsetInfo
OffsetClipRgn
PathToRegion
Polygon
RestoreDC
SetICMProfileA
SetMagicColors
SetStretchBltMode
SetWindowOrgEx

Sections

.text
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b6c41091d79aafd2ed3e43177e73197

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 512B - Virtual size: 8KB

.data Size: 8KB - Virtual size: 12KB

.idata Size: - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 8KB

.text
Size: 512B - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 12KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 8KB