Static task: static1
Behavioral task: behavioral1
Sample: 12b066c1445d60adfbb47a7ccc7b91a7.exe
Resource: win7-20231215-en
General
Target: 12b066c1445d60adfbb47a7ccc7b91a7
Size: 9.8MB
MD5: 12b066c1445d60adfbb47a7ccc7b91a7
SHA1: 9ea015029db6b3f6ce4b301c2a228d125e118060
SHA256: 13f42e2374ba1e13efcc58c4102d6af4c3d4753a12dd38aa351082c0e9734608
SHA512: 892961a1c66d2707cab27be79b7906836b1765547a986c6b11ff5753c9d562feb31e1d855571e81149454235cbfa89695709228fe31f35df72f0198e08972b1f
SSDEEP: 196608:FFj8/91YHteozD9k/D6QX/b40ckIhCgOAn10XGu:FYpED2/WQX/jckA7G2u
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 12b066c1445d60adfbb47a7ccc7b91a7
Files
12b066c1445d60adfbb47a7ccc7b91a7.exe windows:4 windows x86 arch:x86
3e362b4b2812098def9965d21b5641a3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
memset
wcsncmp
memmove
wcsncpy
wcslen
wcscpy
wcscat
wcscmp
strlen
memcpy
strcmp
_wcsdup
free
_wcsicmp
tolower
strncpy
localtime
mktime
_wcsnicmp
_itow
gmtime
malloc
realloc
calloc
__p__iob
fwrite
fread
strchr
strstr
isxdigit
strncmp
isalpha
strtol
sscanf
strrchr
strpbrk
strtoul
qsort
fclose
fopen
fgets
fputs
fseek
ftell
atoi
isspace
memchr
isdigit
_stricmp
_strnicmp
fflush
_read
_write
fputc
sprintf
getenv
isalnum
_errno
isupper
_stati64
time
_ftime
kernel32
GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
CloseHandle
GetLastError
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
OpenProcess
TerminateProcess
GetNativeSystemInfo
InitializeCriticalSection
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
HeapAlloc
CreateProcessW
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
HeapFree
GetModuleFileNameW
CreateFileW
GetFileSize
ReadFile
WriteFile
DeleteFileW
SetFilePointer
HeapReAlloc
FreeLibrary
LoadLibraryW
WideCharToMultiByte
GetProcAddress
CreateThread
HeapSize
MultiByteToWideChar
Sleep
CreateDirectoryW
SetFileAttributesW
GetDriveTypeW
FindFirstFileW
FindClose
GetFileAttributesW
MoveFileW
CopyFileW
DeleteCriticalSection
InterlockedCompareExchange
InterlockedExchange
GetLocalTime
VerSetConditionMask
VerifyVersionInfoA
SleepEx
LoadLibraryA
GetTickCount
ExpandEnvironmentStringsA
SetLastError
FormatMessageA
user32
CharUpperW
advapi32
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenSCManagerW
OpenServiceW
ControlService
DeleteService
CloseServiceHandle
QueryServiceStatus
StartServiceW
CreateServiceW
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
shell32
ShellExecuteExW
ws2_32
WSAIoctl
getaddrinfo
freeaddrinfo
wsock32
closesocket
WSACleanup
WSAStartup
recv
WSAGetLastError
send
WSASetLastError
getsockopt
setsockopt
socket
getpeername
getsockname
htons
bind
ntohs
connect
select
__WSAFDIsSet
ioctlsocket
gethostname
ntohl
htonl
winmm
timeBeginPeriod
shlwapi
PathFileExistsW
urlmon
URLDownloadToFileW
wininet
DeleteUrlCacheEntryW
Sections
.code Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 167KB - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9.6MB - Virtual size: 9.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ