12b12cb0d33f1c31f2f5b35fde01b348 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12b12cb0d33f1c31f2f5b35fde01b348
Size

36KB
MD5

12b12cb0d33f1c31f2f5b35fde01b348
SHA1

cfe4493ab7459ea200263473eb12c6d5898d0d9f
SHA256

444fa744071a5fbc51a10c659dbf608b928ace1626e2fae0e2516f04c48cbd9f
SHA512

6bf78318c4d7d4adb7709bf4bc924829d89f950c7d4f2edbdaa7e3f829977cbfe938be439948c68c30571df1bccfe23a9a5e018705c09da07b8d0a7f39650c2c
SSDEEP

768:JOwu7iJJhM9uBEWp8cwgzU3mzCDk57KK9GC9pvXAZ2ezQNpHQ:JNumP8cwMU3mzC457KK9GCfv0kPQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12b12cb0d33f1c31f2f5b35fde01b348

Files

12b12cb0d33f1c31f2f5b35fde01b348
.exe windows:4 windows x86 arch:x86

3bb8da74a61b8643c9a0eeab766a935e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
lstrlenA
GetSystemDefaultLangID
CopyFileA
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
SetCurrentDirectoryA
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
FindNextFileA
GetFileSize
FindFirstFileA
ReadFile
CreateThread
GetTickCount
MapViewOfFile
CreateFileMappingA
DeleteFileA
ExitProcess
GetLastError
CreateMutexA
GlobalFree
GlobalUnlock
SetFilePointer
GlobalLock
GlobalAlloc
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
lstrcpyA
GetWindowsDirectoryA
lstrcatA
CreateDirectoryA
WinExec
lstrcmpA

user32

CharLowerBuffA
SendMessageA
FindWindowA
wsprintfA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegSetValueExA

ws2_32

socket
htons
closesocket
send
listen
accept
recv
connect
WSAStartup
gethostname
gethostbyname
WSACleanup
bind

wininet

InternetReadFile
InternetCheckConnectionA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle

msvcrt

srand
time
strstr
rand

Sections

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ