e12987c89e1ddedd3834c6950e49b2c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e12987c89e1ddedd3834c6950e49b2c2
Size

83KB
MD5

e12987c89e1ddedd3834c6950e49b2c2
SHA1

ca3b67f688d93a58a247bf7870c1e622a63d0294
SHA256

a44643f28ad91d85d555f020ac4bdfbc1f7bf708e095f2d7a2e9ceb1e1f8422c
SHA512

3febd5d2217f82bc9a9b840149938a0c1002ffee4d610b7ca1451b7d13de4f381bcda3402571ca71160ad233f38a30f9ddedacdf23448d48385916f7fd8118fd
SSDEEP

1536:OoZ35DHFb1WFGW3C05q/CUWriAkNLvOlUUvlqsRU74de4hrNzFf7nNY4swVPhGLI:5MTPwJF/Aq3aPzxrb3Hs2quciu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e12987c89e1ddedd3834c6950e49b2c2

Files

e12987c89e1ddedd3834c6950e49b2c2
.exe windows:4 windows x86 arch:x86

03f36689f8af30036e3dda7b8eae85c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleExA
GetTempPathW
GetLocalTime
GetTapePosition
SetConsoleScreenBufferSize
OpenFile
IsBadHugeWritePtr
CreateFileA
SetCurrentDirectoryW
BaseCleanupAppcompatCacheSupport
IsSystemResumeAutomatic

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE