12d390e0a38385faaaccc28f11dc536b | Triage

Sharing

General

Target

12d390e0a38385faaaccc28f11dc536b
Size

40KB
MD5

12d390e0a38385faaaccc28f11dc536b
SHA1

72a769d6779de775a90aee5d09fb0dac551dd76f
SHA256

4a5599c6ecdb75e7d6b8bac0b671a647543787e22c069ec752634e9f5e5c0c89
SHA512

0d6f9b551472cc6ec35f68241168ecd2a2882e92c08069fd634a9e329af5e6923dc111e454d13ee7479f5019570082f5ba43334954a348b1bbe4701807a0e4e0
SSDEEP

768:XfU4MsyZ31FIgVDtXAbHsi7SggNZSQJ1kvXFX0WTKIp1KxIg/Xrgh:Xs4MsyZ3XIgfn0S3l1kPFk2cTfr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12d390e0a38385faaaccc28f11dc536b

Files

12d390e0a38385faaaccc28f11dc536b
.exe windows:4 windows x86 arch:x86

8db1704f466d8cf05560b935be1045c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
EnumSystemCodePagesW
EnumTimeFormatsW
ExitProcess
HeapSize
ReadConsoleOutputA
Sleep
WideCharToMultiByte

advapi32

ControlService
CryptSetProvParam
CryptSetProviderExW
EnumDependentServicesA
GetAccessPermissionsForObjectA
GetMultipleTrusteeA
GetSecurityDescriptorDacl
GetTokenInformation
QueryServiceStatus
RegDeleteKeyW
RegEnumValueW

user32

CallNextHookEx
DestroyMenu
FindWindowA
GetScrollInfo
IsCharAlphaNumericW
IsDialogMessageW
SetMessageExtraInfo
ValidateRgn

shell32

DllGetClassObject
DoEnvironmentSubstW
DragFinish
ExtractAssociatedIconExW
ExtractIconExW
ExtractIconResInfoA
SHBrowseForFolderW
SheGetDirW
SheRemoveQuotesA
ShellAboutW
ShellExecuteW

gdi32

Arc
CloseMetaFile
CopyMetaFileA
CopyMetaFileW
CreateICW
CreateMetaFileW
CreatePolygonRgn
EndPath
EnumICMProfilesW
EnumObjects
GetNearestPaletteIndex
GetStretchBltMode
SetDIBits
StartPage

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE