Static task: static1
Behavioral task: behavioral1
Sample: 12e1bf1fee2b2809f139415da22bf8d3.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 12e1bf1fee2b2809f139415da22bf8d3.exe
Resource: win10v2004-20231215-en
General
Target: 12e1bf1fee2b2809f139415da22bf8d3
Size: 11KB
MD5: 12e1bf1fee2b2809f139415da22bf8d3
SHA1: 8959f9a12cb68f9cfed66ceef06cdd559abdeb71
SHA256: 83f358f48d36e4ebcd45d8414f2a06db01bb09e77281c24068baa3021eda8adf
SHA512: 263d32e2560e03428a20e61a22a045283d3222044ee1db926d8697a6e7383253f67ea7f30cc854240474a17527687beedad0a778f0c5e6c2c1f53a66b0a9102b
SSDEEP: 192:Yaeob5eDP9k5VdfbmAZ2j9Bg1uV28IdWRlWhvLVOH8:Yad9eDPC5VdfbRy9m1y2DdyMhvLK8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 12e1bf1fee2b2809f139415da22bf8d3
Files
12e1bf1fee2b2809f139415da22bf8d3.exe windows:4 windows x86 arch:x86
1ca80b649890fb6029d7d774756b18a0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
GetLastError
CreateEventA
lstrcatW
GlobalAlloc
lstrlenW
GetCommandLineW
LoadLibraryA
CloseHandle
WriteFile
GetSystemDirectoryA
CreateFileA
LockResource
LoadResource
GetModuleHandleA
FindResourceA
WaitForSingleObject
OpenProcess
Sleep
GetProcAddress
GetModuleFileNameA
lstrcpyA
lstrcmpiA
lstrcatA
SizeofResource
CopyFileA
user32
IsWindow
GetWindowThreadProcessId
FindWindowExA
advapi32
RegFlushKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
shell32
CommandLineToArgvW
ShellExecuteW
ShellExecuteA
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ