c12e396553288651cc3a306b946d9018

Sharing

Copy URL Twitter E-mail

General

Target

c12e396553288651cc3a306b946d9018
Size

13KB
MD5

c12e396553288651cc3a306b946d9018
SHA1

5be956cd4f88d87a42e3a8f8fc1aa05f7127a308
SHA256

a69fce8a66637afe25b21a89ae11a1a262e83cc21c51a899f62885a4375898e3
SHA512

3f39e631e3d6a82db8b76ae1dc4330c216208bd660ab7188b67bd751d933de4cfb19d0ec657aaf0c418b45fb9411ae41ab482f2a9a73ad8f9936595b364cfd6d
SSDEEP

384:7y+vKD9a2jsNihSZbqCQ00FWN4vVjc4ugRx:O2KD9IfqC0MWvm4nz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c12e396553288651cc3a306b946d9018

Files

c12e396553288651cc3a306b946d9018
.exe windows:4 windows x86 arch:x86

bd4a0c1e895e00307fcb54fd7ab0db52

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCommandLineA
FreeLibrary
VirtualFreeEx
GetExitCodeThread
WaitForSingleObject
CreateRemoteThread
GetVersion
GetModuleHandleA
OpenProcess
CloseHandle
GetProcAddress
LoadLibraryA
VirtualFree
GetCurrentDirectoryA
GetFileAttributesA
VirtualAlloc
WideCharToMultiByte
VirtualAllocEx
WriteProcessMemory
GetCurrentProcess

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
CloseServiceHandle

mfc42

ord815
ord353
ord823
ord268
ord561
ord1567
ord800
ord532
ord540
ord1575
ord825

msvcrt

memcpy
strncpy
_CxxThrowException
??1type_info@@UAE@XZ
__dllonexit
_onexit
_exit
_XcptFilter
exit
printf
__CxxFrameHandler
sprintf
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
memcmp
sscanf
memset
strncmp
_lrotl
__getmainargs
__p___initenv
_initterm
_unlink
_stricmp
_strnicmp

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.WWP32
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bd4a0c1e895e00307fcb54fd7ab0db52

Headers

File Characteristics

Imports

kernel32

advapi32

mfc42

msvcrt

msvcp60

Sections

.text Size: 5KB - Virtual size: 8KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 404KB

.rsrc Size: 512B - Virtual size: 16B

.WWP32 Size: 1024B - Virtual size: 712B

.text
Size: 5KB - Virtual size: 8KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 404KB

.rsrc
Size: 512B - Virtual size: 16B

.WWP32
Size: 1024B - Virtual size: 712B