12d0499541c9c47e697e84736d405656

Sharing

Copy URL

Twitter E-mail

General

Target

12d0499541c9c47e697e84736d405656
Size

860KB
MD5

12d0499541c9c47e697e84736d405656
SHA1

29fbfc315d0c4fb173ca95d9c5778f83453e541c
SHA256

66a89df77ab5ff8f5c6c030b85f7ec84c99fe77bfc14d51d622ae064d3f7d9eb
SHA512

43698b816113762a4ea525f215bdd12262342219c77088661699366f2680a17264eca76f2e28bd172932832078232af3c902f8e8e2a161771b26a79fcc53b2b0
SSDEEP

24576:z9fkLaTOtOURGeQFK9GoB3s3TFSs2CF6wh9Od3GOl:z5kLWOthNQFRdTFW/Mw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12d0499541c9c47e697e84736d405656

Files

12d0499541c9c47e697e84736d405656
.exe windows:5 windows x86 arch:x86

7533d45c9333b34098c1bc2dd2e8bdb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseSemaphore
IsProcessorFeaturePresent
GetTickCount
CreateSemaphoreW
SetThreadPriority
DeleteCriticalSection
GetDriveTypeA
GlobalReAlloc
GetLocalTime
ExpandEnvironmentStringsA
CreateFileA
RtlUnwind
OutputDebugStringW
FreeEnvironmentStringsA
IsDBCSLeadByte
GetPrivateProfileStringW
lstrcmpiW
HeapReAlloc
LocalReAlloc
CreateEventA
GetVolumeInformationW
VirtualAlloc
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
SetThreadLocale
HeapCreate
EnterCriticalSection
LeaveCriticalSection
FindFirstFileW
GetFileAttributesW
WritePrivateProfileStringA
HeapSize
MapViewOfFile
DeleteFileA
LocalFileTimeToFileTime
GetLocaleInfoA
GetCurrentProcess
GetCurrentThreadId
LoadResource
GetStartupInfoA
GlobalFree
MulDiv
GetStartupInfoW
LoadLibraryA
GetModuleHandleA
HeapAlloc
GetWindowsDirectoryA

msvcrt

fprintf
_wcsnicmp
wcsstr
??0exception@@QAE@ABV0@@Z
__set_app_type
__p__commode
__dllonexit
exit
_fileno
??1type_info@@UAE@XZ
_CxxThrowException
__getmainargs
_vsnwprintf

user32

wsprintfA
LoadIconA
DestroyWindow
IsWindowVisible
LoadBitmapW
GetSubMenu
CreateWindowExA
BringWindowToTop
WindowFromPoint
GetWindowDC
UpdateWindow
IsChild
EqualRect
FindWindowW
DrawTextW
LoadCursorW
SetWindowTextA
SetScrollInfo
DeleteMenu
CallWindowProcA
EnumChildWindows
IsIconic
GetWindowLongA
GetClassNameA
EndPaint
OpenClipboard
RegisterClassW
DialogBoxParamW
GetCapture
AdjustWindowRectEx
CharNextW
CallNextHookEx
GetMenu

advapi32

RegOpenKeyW
RegDeleteValueW
RegQueryInfoKeyA
RegOpenKeyA

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 477KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7533d45c9333b34098c1bc2dd2e8bdb2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

user32

advapi32

Sections

.text Size: 128KB - Virtual size: 128KB

.rdata Size: 249KB - Virtual size: 249KB

.data Size: 477KB - Virtual size: 1.9MB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 128KB - Virtual size: 128KB

.rdata
Size: 249KB - Virtual size: 249KB

.data
Size: 477KB - Virtual size: 1.9MB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB