12e9824ce324feb6e6eb4eecf0c169e8 | Triage

Sharing

General

Target

12e9824ce324feb6e6eb4eecf0c169e8
Size

28KB
MD5

12e9824ce324feb6e6eb4eecf0c169e8
SHA1

03a5ed62a4e3ce2905ba9b6f1e705c26979ca3f7
SHA256

19701b6172156b7b18a7fe801d1eac74ca4659a0d3831e202fbc70838ef7d63b
SHA512

c0add20bc1f0ec7d3590aa7f043c1efe5a83d0c6ed93b327a69c56b54497a43beb8d4935073902581949a8245f9b92a2162357c1ec9db3a3381daa7048aa9d7a
SSDEEP

384:2CaEepgsGOCmOoQPBZQUQ5yOEP/iHIeekK6XulD8ahHxTbvnHqpM2EJaUWVpr/FN:AOOvQP0iiolrGuJhHlbnOM2HVplIA39

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12e9824ce324feb6e6eb4eecf0c169e8

Files

12e9824ce324feb6e6eb4eecf0c169e8
.dll windows:4 windows x86 arch:x86

caec7db394d0caf92b6d043ae87f43d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CopyFileExW
DnsHostnameToComputerNameA
MoveFileExW
lstrcpynW
ReleaseSemaphore
GetProcessTimes
HeapUnlock
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 5KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE