12d9b43a9bd7b8f6839853b21e4cd5a7

Sharing

Copy URL Twitter E-mail

General

Target

12d9b43a9bd7b8f6839853b21e4cd5a7
Size

411KB
MD5

12d9b43a9bd7b8f6839853b21e4cd5a7
SHA1

39e0d5cb67945f4104e5b52258329b51cdeb0880
SHA256

e682c5bcc786c90df3c90017e84e77bca94d18af9be0b0f2083a57dfc07add1d
SHA512

8f545c5d1430dbdd888ab176603bab6127d4e6179dbb753793afe08a68c9ec329834f4a54160a3a0a035ee25b473df3cec94fbf62f5d9be4d3454874c93a6f04
SSDEEP

6144:4eCNvJPOk/rGUYzVJIK43jQplQFmQeeaQeeBQeesQeebnQeehQeeS56w+PKfQd88:1CNBrrGUYzVJJoWU6wbIQ2kg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12d9b43a9bd7b8f6839853b21e4cd5a7

Files

12d9b43a9bd7b8f6839853b21e4cd5a7
.dll windows:5 windows x86 arch:x86

a1fcb44ef541e44647b30c07b1a8e292

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
Sleep
GetModuleHandleA
VirtualAlloc
VirtualProtect
HeapFree
GetProcessHeap
HeapAlloc
UnmapViewOfFile
CloseHandle
CreateFileW
CreateFileA
CreateFileMappingA
GetFileSize
MapViewOfFile
GetLastError
OutputDebugStringA
GetProcAddress
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
IsProcessorFeaturePresent
GetSystemInfo
GetVersionExA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
InterlockedExchange
InterlockedCompareExchange
TerminateProcess

user32

ShowWindow
CreateWindowExA
GetSystemMetrics
GetAsyncKeyState
SetRect
DestroyWindow

gdi32

GetTextMetricsW
SetBkMode
GetCharacterPlacementW
GetCharacterPlacementA
GetGlyphOutlineA
ExtTextOutW
MoveToEx
CreateFontIndirectW
CreateFontIndirectA
GetTextMetricsA
DeleteDC
DeleteObject
ExtTextOutA
GetObjectA
SetBkColor
SetTextColor
SelectObject
SetMapMode
CreateDIBSection
CreateCompatibleDC
GetObjectW
GetFontLanguageInfo
SetTextAlign

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

msvcr90

tmpfile
__clean_type_info_names_internal
_except_handler4_common
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
sprintf
vsprintf_s
??2@YAPAXI@Z
malloc
memset
memcpy
free
fwrite
fseek
fclose
fread
_CIacos
_finite
_ftol
??3@YAXPAX@Z
_CIpow
strncpy
__CxxFrameHandler
iswpunct
iswdigit
iswalpha
iswspace
longjmp
_setjmp3
isdigit
isspace
sscanf
ldexp
_strdup
setlocale
floor
exit

msvcp90

??_D?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAEXXZ
??0?$basic_ofstream@DU?$char_traits@D@std@@@std@@QAE@XZ

d3d9

Direct3DCreate9

Sections

_TEXT
Size: 512B - Virtual size: 431B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 275KB - Virtual size: 275KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1fcb44ef541e44647b30c07b1a8e292

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcr90

msvcp90

d3d9

Sections

_TEXT Size: 512B - Virtual size: 431B

.text Size: 275KB - Virtual size: 275KB

.rdata Size: 70KB - Virtual size: 70KB

.data Size: 41KB - Virtual size: 53KB

.rsrc Size: 1024B - Virtual size: 688B

.reloc Size: 22KB - Virtual size: 21KB

_TEXT
Size: 512B - Virtual size: 431B

.text
Size: 275KB - Virtual size: 275KB

.rdata
Size: 70KB - Virtual size: 70KB

.data
Size: 41KB - Virtual size: 53KB

.rsrc
Size: 1024B - Virtual size: 688B

.reloc
Size: 22KB - Virtual size: 21KB