12f883193961a9b689969902d8502a49 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12f883193961a9b689969902d8502a49
Size

229KB
MD5

12f883193961a9b689969902d8502a49
SHA1

5cec4b110d8071bd32e05a458b91bc7ff32ca971
SHA256

47e020bf0366556a1c41565034a2f15ffad9c4a044d7cca2b015002a2df392a9
SHA512

d882abb1ed4c7ab777a1666da1305e2c408f9d44a39260158f1e77861f8a2eedaa04fccaab7655484311199bda563b4aebf6ad23d4482086baa9f83590348114
SSDEEP

3072:ENd8pQmfoF68y1nE0lQkGXQioY4BzVRMDHFtBp4VCMq6FuSow6/1Zf/y1h7Ea7S8:EUrZnE3F/nyzVRXVzq6F3/W3fth8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12f883193961a9b689969902d8502a49

Files

12f883193961a9b689969902d8502a49
.dll windows:4 windows x86 arch:x86

3b6e3b0f276cd8981b021d6bbced6749

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

ExitProcess
GetSystemTimeAsFileTime
CloseHandle
GetStartupInfoA
GetModuleHandleA

advapi32

RegQueryValueA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 151KB - Virtual size: 580KB

IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ