12a1f312c80aac0761006acfae2d13ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12a1f312c80aac0761006acfae2d13ed
Size

348KB
MD5

12a1f312c80aac0761006acfae2d13ed
SHA1

b7e62734d661f3ccc0185ce066f394576f75dbee
SHA256

0f09eb2b93fe169bdd75f2f58811ec6f546580af2234ea84fd1a4780a3040d67
SHA512

834aa27680a8530f7ad1331642fdb84a04c3c09eee99a20e2e782927d5b42493b6efbce914de5798f5aaf0f25e6559db10606ec70edc4b622dd1d45b98be0c53
SSDEEP

6144:0YC27xFL+fPVnAMyzdJg724T6NJmHdMiNDP7A+hCdBTDG+HUcbh:jhFL+x3yz3g7wLmHddPpCW+HUcb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12a1f312c80aac0761006acfae2d13ed

Files

12a1f312c80aac0761006acfae2d13ed
.exe windows:4 windows x86 arch:x86

5f444ddeaa21d6b1051a4696b39dfd8b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_stricmp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_makepath
_wmakepath
wcscmp
wcscpy

kernel32

GetCurrentThreadId
HeapAlloc
GetProcessHeap
CompareStringA
HeapReAlloc
HeapFree
WaitForMultipleObjects
ProcessIdToSessionId
GetSystemDirectoryW
LCMapStringW
LoadLibraryExW
VirtualUnlock
VirtualLock
GetSystemInfo
ReleaseMutex
CreateMutexW
ResetEvent
SetEvent
CreateEventW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter

oleaut32

SafeArrayDestroyDescriptor
SafeArrayDestroyDescriptor
VarFormatDateTime
CreateErrorInfo
OleLoadPictureEx
GetErrorInfo
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 224KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE