12b9213c564602e4fe7deda551fce57b

Sharing

Copy URL

Twitter E-mail

General

Target

12b9213c564602e4fe7deda551fce57b
Size

136KB
MD5

12b9213c564602e4fe7deda551fce57b
SHA1

613933bc1e603fc6e77662f58420b12f92c4863f
SHA256

d14cb683a6f9faefc64a8d193eb1a382f94114fd12c73a06923add539f0ea8d9
SHA512

4b8c6acd1559c1b84bd553b07912c17f685f5b0c5877f19e94573303be02a3ea6ed223ad1264f7dcc96a4129ef4087c454f92b6e945370aadf10f63cccf25ceb
SSDEEP

3072:50gj8rS6VxDQ3SwrOIYVTFJUygzAHsUVvQERkvxvcutt3mBxvxpL:UrSeWSwSIYPJUyg8HsMXRkvxLmBxzL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12b9213c564602e4fe7deda551fce57b

Files

12b9213c564602e4fe7deda551fce57b
.exe windows:5 windows x86 arch:x86

1edbbcd7b5e0da99d11d3126b5101984

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateStatusWindowW
ImageList_Read
CreateToolbarEx
PropertySheetW
ImageList_GetIcon

shlwapi

UrlGetLocationA

kernel32

FindResourceW
ReleaseMutex
CompareStringW
GetThreadTimes
GlobalFindAtomW
GetWindowsDirectoryA
LoadLibraryW
GetLastError
GetStartupInfoW
SetNamedPipeHandleState
SetThreadContext
HeapFree
MoveFileExW
LocalReAlloc
TlsGetValue
SetTimerQueueTimer
GetComputerNameW
GetTempPathA
FindCloseChangeNotification
CopyFileA
lstrcmpW
CompareStringA
GetModuleHandleW
GlobalGetAtomNameW
GetACP
IsDBCSLeadByte
IsBadWritePtr
IsValidLanguageGroup
CreateSemaphoreW
GetLocaleInfoW
GetSystemTimeAsFileTime
EnumResourceNamesW
WaitForSingleObjectEx
TlsFree
LeaveCriticalSection
GetModuleFileNameA
GetFileAttributesExW

comdlg32

CommDlgExtendedError
FindTextW
ReplaceTextW
PrintDlgExW

user32

MessageBoxExW
SetPropW
GetWindowPlacement
GetClassInfoExA
DrawFrameControl
wvsprintfW
LoadMenuA
SendInput
InsertMenuItemW
CheckMenuRadioItem
BeginPaint
ClipCursor
GetMonitorInfoW
GetScrollPos
IsIconic
ShowCursor
OffsetRect
RegisterClassW
CharToOemA
IsCharUpperA
TabbedTextOutW
IsCharAlphaW
RemovePropW
GetSubMenu
GetForegroundWindow
RegisterWindowMessageA
IsCharAlphaA
AdjustWindowRectEx
GetKeyboardLayout
GetDoubleClickTime
InSendMessageEx
GetMenuItemCount
wvsprintfA
wsprintfW
ShowCaret
SetScrollRange
IntersectRect
CopyAcceleratorTableW
GetWindowTextW
WindowFromPoint
CreateCursor
GetCursorPos
DestroyMenu
GetClassLongW
SetTimer
CheckDlgButton
DialogBoxParamA
OemToCharBuffA
MessageBoxW
GetMenuItemID
EnumThreadWindows
CharToOemBuffA
GetKeyboardType
RegisterClassA
ArrangeIconicWindows
SetParent
IsChild
LoadCursorW
IsZoomed
CopyImage
SetScrollPos
GetIconInfo
DialogBoxIndirectParamW
EnableScrollBar
SetActiveWindow
GetMessageExtraInfo
GetWindowRect
DrawAnimatedRects
SetClassLongW
GetLastActivePopup
DrawTextA
CreateDialogIndirectParamW
PostMessageA
GetShellWindow
AdjustWindowRect
MonitorFromPoint
SendNotifyMessageW
SendMessageTimeoutA
GetClassNameW
GetUpdateRect
DefWindowProcA
GetDialogBaseUnits

msvcrt

isdigit
wcscspn
wcscpy
_controlfp
iswdigit
strcoll
getc
wcstoul
__set_app_type
wcstok
memset
putc
ungetc
atol
__p__fmode
__p__commode
_amsg_exit
fread
wcsrchr
iswprint
_initterm
_ismbblead
fputs
fclose
bsearch
sscanf
isupper
swprintf
_XcptFilter
strchr
_exit
_cexit
__setusermatherr
realloc
__getmainargs
gets
remove

Exports

Exports

?HistoryLoggingOn@@YGKDKPAX:O

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.eplan
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ainit
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdbg
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iplan
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.run
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.0dat
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1edbbcd7b5e0da99d11d3126b5101984

Headers

File Characteristics

Imports

comctl32

shlwapi

kernel32

comdlg32

user32

msvcrt

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 23KB

.eplan Size: 512B - Virtual size: 91B

.ainit Size: 1024B - Virtual size: 856B

.rdbg Size: 512B - Virtual size: 91B

.data Size: 2KB - Virtual size: 56KB

.iplan Size: 4KB - Virtual size: 4KB

.run Size: 512B - Virtual size: 476B

.0dat Size: 100KB - Virtual size: 99KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 24KB - Virtual size: 23KB

.eplan
Size: 512B - Virtual size: 91B

.ainit
Size: 1024B - Virtual size: 856B

.rdbg
Size: 512B - Virtual size: 91B

.data
Size: 2KB - Virtual size: 56KB

.iplan
Size: 4KB - Virtual size: 4KB

.run
Size: 512B - Virtual size: 476B

.0dat
Size: 100KB - Virtual size: 99KB

.rsrc
Size: 2KB - Virtual size: 1KB