12e1ab122f39462c2e53caa617276105

Sharing

Copy URL Twitter E-mail

General

Target

12e1ab122f39462c2e53caa617276105
Size

282KB
MD5

12e1ab122f39462c2e53caa617276105
SHA1

f3e93697cbc1858fae58e48fb542c79c6b1bcaa7
SHA256

b81b12c142cbc0f0c427ac3dc6dc0c31b7fa6e27c42a83f5ad1ad799c226c22a
SHA512

50686aee1837880f9959c20d5758dafbfcd432751f19a0bda42aef9f448b9e8e3698015cf66b7ee432fb0bb1c0b6139ac57b17afadda68d8e8db290c9fcb3f83
SSDEEP

6144:lYeMTEF/p/uwONct43j92U5AMhpFrwrPQtnnGBSZXzn5/:lY1w9pGHNu4B2U5AMhpdgKnlt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12e1ab122f39462c2e53caa617276105

Files

12e1ab122f39462c2e53caa617276105
.exe windows:6 windows x86 arch:x86

e3f20809770433376d55cf81111daa41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc140u

ord7653
ord995
ord1472
ord7997
ord2205
ord1511
ord952
ord13442
ord7313
ord13911
ord1105
ord6860
ord9209
ord10250
ord5763
ord12928
ord12219
ord12251
ord10433
ord8217
ord4589
ord12247
ord12239
ord5918
ord3852
ord6349
ord14668
ord6350
ord14669
ord6348
ord14667
ord8000
ord12531
ord14466
ord11983
ord11982
ord2034
ord7941
ord12947
ord4090
ord4152
ord9398
ord14595
ord7922
ord14589
ord12542
ord12541
ord2486
ord5357
ord8324
ord12865
ord8386
ord8470
ord2389
ord2385
ord5315
ord3162
ord4974
ord13756
ord2761
ord12220
ord9256
ord6129
ord6526
ord1002
ord286
ord1525
ord8464
ord2215
ord2246
ord3697
ord3816
ord4885
ord4477
ord3833
ord890
ord1391
ord11038
ord545
ord5646
ord3849
ord518
ord1154
ord4716
ord4736
ord8177
ord10379
ord3009
ord5921
ord3302
ord14507
ord14137
ord5586
ord7657
ord501
ord1143
ord4093
ord6316
ord498
ord1142
ord346
ord1060
ord4797
ord2378
ord4616
ord14057
ord6533
ord4664
ord12763
ord12884
ord12921
ord8360
ord2409
ord4912
ord4927
ord4988
ord4502
ord9693
ord4494
ord3055
ord14590
ord7923
ord14596
ord6877
ord11717
ord13703
ord5935
ord2682
ord12124
ord3941
ord3372
ord3371
ord3265
ord12168
ord5249
ord5549
ord5760
ord9350
ord5525
ord5790
ord5252
ord5411
ord5228
ord7722
ord7723
ord7712
ord5409
ord8219
ord10255
ord9210
ord9040
ord11015
ord8757
ord1526
ord11985
ord1692
ord1689
ord2990
ord5422
ord7820
ord7495
ord1113
ord6489
ord6566
ord3882
ord4815
ord2304
ord1111
ord462
ord7109
ord13417
ord1523
ord296
ord5074
ord290
ord5583
ord14405
ord1663
ord280
ord1045
ord266
ord265
ord8210
ord2760
ord12131
ord11396
ord10472
ord4092
ord3404
ord14785
ord10285
ord3403
ord3164
ord6218
ord10287
ord10286
ord13752
ord10284
ord10288
ord5652
ord11725
ord11726
ord9139
ord12089
ord3838
ord11936
ord14588
ord8965
ord12173
ord6978
ord11002
ord9235
ord3266
ord13878
ord12262
ord12258
ord1722
ord1744
ord1770
ord1756
ord1777
ord4936
ord5003
ord4948
ord4966
ord4960
ord4954
ord1653
ord5013
ord4997
ord3305
ord4942
ord285
ord5019
ord6220
ord1513

kernel32

GetLastError
InitializeCriticalSectionEx
OutputDebugStringW
DeleteCriticalSection
CreateFileW
DeviceIoControl
CloseHandle
WideCharToMultiByte
LoadLibraryA
GetProcAddress
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
GetModuleHandleW

user32

AppendMenuW
SendMessageW
IsIconic
LoadIconW
GetClientRect
DrawIcon
EnableWindow
GetSystemMenu
wsprintfW
GetSystemMetrics

comctl32

InitCommonControlsEx

shlwapi

PathFileExistsW

vcruntime140

memset
_except_handler4_common
__CxxFrameHandler3
memcpy

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode

api-ms-win-crt-string-l1-1-0

strnlen
isspace
isprint
isalnum
tolower

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_register_onexit_function
terminate
_controlfp_s
_crt_atexit
_c_exit
_cexit
exit
_exit
_initterm_e
_initterm
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_register_thread_local_exe_atexit_callback
_set_app_type
_seh_filter_exe

api-ms-win-crt-convert-l1-1-0

_wtoi
atoi
strtol

api-ms-win-crt-time-l1-1-0

_time64
_mktime64
_localtime64_s
wcsftime

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e3f20809770433376d55cf81111daa41

Headers

DLL Characteristics

File Characteristics

Imports

mfc140u

kernel32

user32

comctl32

shlwapi

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 15KB

.rsrc Size: 69KB - Virtual size: 69KB

.reloc Size: 5KB - Virtual size: 5KB

.rmnet Size: 128KB - Virtual size: 128KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 15KB

.rsrc
Size: 69KB - Virtual size: 69KB

.reloc
Size: 5KB - Virtual size: 5KB

.rmnet
Size: 128KB - Virtual size: 128KB