12cd99f241a39d16fdd4169e5d073822

Sharing

Copy URL Twitter E-mail

General

Target

12cd99f241a39d16fdd4169e5d073822
Size

152KB
MD5

12cd99f241a39d16fdd4169e5d073822
SHA1

01f1c5c1f2f0bd9d9cd1c99d0f2d5cab65edaa62
SHA256

67387252f62c09a1a45f37c093f6f56a1716ce13d3a076f95bd293ee605685bd
SHA512

cb4ad4e87d9f6ddb48e7da0ecaeb060a4f5afb51b88f97af8bc87fdec6766a44928aa78587210a727192d77369447d0da6ac960ef385438c98e7b1f5efb3b4fe
SSDEEP

3072:hhw0wf1DxBE0rsdjOiQs/8/tT6eqnC916FgFFX59jlko5c82:jylOJJ5Vq1WD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12cd99f241a39d16fdd4169e5d073822

Files

12cd99f241a39d16fdd4169e5d073822
.dll windows:4 windows x86 arch:x86

f5a6a29c5adb2088bbb064fb8e36ceb3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileW
SetErrorMode
FindClose
CreateFileW
LocalReAlloc
FormatMessageW
Sleep
GetSystemTimeAsFileTime
InterlockedExchange
InterlockedCompareExchange
LocalAlloc
LocalFree
RaiseException
GetVersion
GetModuleHandleW
CompareFileTime
GetModuleHandleA
LoadLibraryA
ExpandEnvironmentStringsA
GetCurrentThread
GetLocalTime
CreateMutexA
WaitForSingleObject
ReleaseMutex
GetTickCount
GetPrivateProfileIntA
CreateFileA
GetWindowsDirectoryA
CreateEventA
SuspendThread
SetEvent
CreateProcessA
CreateThread
WideCharToMultiByte
GetLocaleInfoA
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
GetSystemInfo
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
MultiByteToWideChar
GetFileAttributesW
FindResourceW
LoadResource
LockResource
EnumResourceNamesW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
DeleteFileW
FreeLibrary
SizeofResource
ReadFile
GetEnvironmentVariableW
GetProcAddress
LoadLibraryW
GetCurrentProcess
CloseHandle
LoadLibraryExW
VirtualProtect
CreateDirectoryA
GetCommandLineA
RtlUnwind
GetVersionExA
VirtualQuery
ExitProcess

user32

RegisterClassExA
wsprintfA
wvsprintfA
MessageBoxA
LoadStringA
DefWindowProcA
SendMessageA
PostMessageA
TrackPopupMenu
SetForegroundWindow
GetCursorPos
GetSystemMenu
KillTimer
FindWindowA
UpdateWindow
ShowWindow
CreateWindowExA
PostQuitMessage
RegisterClassA
LoadCursorA
LoadIconA
DispatchMessageA
TranslateMessage
GetMessageA
RegisterWindowMessageA
GetDesktopWindow
LoadStringW
CharLowerA
wsprintfW
CharLowerW
SetTimer

advapi32

RegQueryValueExA
EqualSid
ConvertStringSidToSidA
IsValidSid
OpenProcessToken
OpenThreadToken
FreeSid
AllocateAndInitializeSid
RegOpenKeyExA
RegisterEventSourceW
StartServiceCtrlDispatcherA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegCloseKey
RegOpenCurrentUser
RegOpenKeyExW
RegCreateKeyExW
DeregisterEventSource
ReportEventW
GetTokenInformation

gdi32

GetStockObject

Sections

.text
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5a6a29c5adb2088bbb064fb8e36ceb3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 80KB - Virtual size: 77KB

.rdata Size: 44KB - Virtual size: 40KB

.data Size: 4KB - Virtual size: 37KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 80KB - Virtual size: 77KB

.rdata
Size: 44KB - Virtual size: 40KB

.data
Size: 4KB - Virtual size: 37KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 8KB - Virtual size: 4KB