12fdc78729c4bf448ebbfbb2ed008ef8

Sharing

Copy URL Twitter E-mail

General

Target

12fdc78729c4bf448ebbfbb2ed008ef8
Size

584KB
MD5

12fdc78729c4bf448ebbfbb2ed008ef8
SHA1

2e37481f50f950a85214400912cbb5ac92baf82d
SHA256

51fc8f7953cf5c31ee6216b04c5d7536dc43d31058b19600ede3708190a06022
SHA512

619167d6a4611427cf707d23bdafcd75532add8ae5b3ca79737426c55f5334467df26f4f0c1192d590a335da4649469e36a679fbe05431c5e39ac137b617c77e
SSDEEP

12288:h99Icql+1hVauuBSKRXy4LB5ZFoEm7SLOKVKcAW3e:b9Icc+kyKFlLHZmSTLe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12fdc78729c4bf448ebbfbb2ed008ef8

Files

12fdc78729c4bf448ebbfbb2ed008ef8
.exe windows:5 windows x86 arch:x86

5981cb1adc0ae85c1841079a1f89762d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
GetCPInfo
GetCommandLineW
LockResource
GetCurrentProcessId
SizeofResource
CreateProcessW
lstrlenW
GlobalAlloc
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
FindResourceW
GetConsoleCP
GlobalFree
lstrlenA
UnmapViewOfFile
GetLastError
LeaveCriticalSection
ExitProcess
TlsSetValue
GetFileType
CreateEventA
CreateFileW
WaitForMultipleObjects
FindNextFileA
CreateFileMappingA
CompareStringA
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetSystemInfo
GetProcAddress
DeleteFileW
GetStartupInfoW
GetEnvironmentVariableA
GetWindowsDirectoryA
GetModuleHandleW
LCMapStringW
GetFileSize
SetErrorMode
GetStartupInfoA
FreeLibrary
DeleteFileA
LoadLibraryA
FlushFileBuffers
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
GetLocaleInfoA
SetEndOfFile
VirtualQuery
GetVersion
WriteConsoleA
GetCommandLineA
GetSystemDirectoryA
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
UnhandledExceptionFilter
GetModuleFileNameA
GetVersionExA
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
TlsGetValue
SetLastError
GetCurrentThread
FormatMessageA
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
GetExitCodeProcess
FormatMessageW
LocalFree
GetOEMCP
GetFullPathNameA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
lstrcmpiA
WideCharToMultiByte
GetTempPathA
SetStdHandle
FreeEnvironmentStringsW
LoadLibraryExW
CreateFileA
LocalAlloc
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindFirstFileW
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
RtlUnwind
InterlockedCompareExchange
RaiseException
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
GetACP
GlobalLock
GetEnvironmentStrings
CreateProcessA
IsValidCodePage
HeapCreate
VirtualFree
Sleep
VirtualAlloc
TerminateProcess
ResetEvent

user32

GetWindowRect
GetSystemMetrics
DefWindowProcA
KillTimer
BeginPaint
MapWindowPoints
DispatchMessageA
FillRect
CreateWindowExA
GetSubMenu
EnableMenuItem
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
PeekMessageA
SetWindowLongA
ShowWindow
UpdateWindow
GetParent
GetMessageA
DestroyWindow
GetCursorPos
GetDC
ReleaseCapture
IsWindow
SetWindowPos
LoadBitmapA
PostQuitMessage
SetFocus
SetWindowTextA
GetWindowLongA
SetTimer
GetDlgItem
LoadCursorA
LoadIconA
GetDesktopWindow
SetForegroundWindow
ReleaseDC
EndDialog
MessageBoxA
GetSysColor
GetKeyState
SystemParametersInfoA
IsWindowVisible
DrawTextA
InvalidateRect
SendMessageA
GetClientRect
CallWindowProcA
EnableWindow
SetCursor
EndPaint
ScreenToClient

ole32

CoCreateInstance
CoTaskMemAlloc
CoUninitialize

gdi32

SetBkColor
CreateFontIndirectA
SetBkMode
GetDeviceCaps
DeleteObject
DeleteDC
GetStockObject
BitBlt
CreateSolidBrush
SelectObject

advapi32

RegOpenKeyExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegSetValueExA
RegCloseKey

oleaut32

SysStringLen
SysFreeString
VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 464KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5981cb1adc0ae85c1841079a1f89762d

Headers

File Characteristics

Imports

kernel32

user32

ole32

gdi32

advapi32

oleaut32

Sections

.text Size: 464KB - Virtual size: 461KB

.rdata Size: 84KB - Virtual size: 82KB

.data Size: 28KB - Virtual size: 31KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 464KB - Virtual size: 461KB

.rdata
Size: 84KB - Virtual size: 82KB

.data
Size: 28KB - Virtual size: 31KB

.rsrc
Size: 4KB - Virtual size: 1KB