12e1dc4db670697f92719ccc698a787b20b6912ee4a79df72e794ef43c841d6bN[.]exe

General

Target

12e1dc4db670697f92719ccc698a787b20b6912ee4a79df72e794ef43c841d6bN.exe
Size

136KB
MD5

17a1ee02fc2cff0201adeba2756b3970
SHA1

5aa5efc5cf0c7a8a8133e81b23c00f3e04bcd6a0
SHA256

12e1dc4db670697f92719ccc698a787b20b6912ee4a79df72e794ef43c841d6b
SHA512

fcd9b06e591835ba9be3927522355351ab615f49a97def78c9e953f2978c09b5ff9e9de47f7ce781dc9e929c4ab0f723c85ba656d544b1f45f230cbf284955d0
SSDEEP

1536:1gmf5TfxYPfpoT/7ivK6Fr/E0odbbb2inHetkc5cqvnMg/WpRh70qQ4SDMTTtFVh:1rEnpofGTuXHHetkqcqvnhzdu7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12e1dc4db670697f92719ccc698a787b20b6912ee4a79df72e794ef43c841d6bN.exe

Files

12e1dc4db670697f92719ccc698a787b20b6912ee4a79df72e794ef43c841d6bN.exe
.dll windows:4 windows x86 arch:x86

ed4f82ad2950705130fc63f35c08b2c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
EscapeCommFunction
FlushFileBuffers
lstrcmpA
ReadFile
ClearCommError
GetTickCount
WriteFile
SetCommState
BuildCommDCBA
GetCommState
CreateFileA
lstrcatA
lstrcpyA
lstrlenA
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeW
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
CloseHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetStringTypeA
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
HeapFree
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW

user32

GetAsyncKeyState
CharUpperA

Exports

Exports

Rcard
Wcard

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ed4f82ad2950705130fc63f35c08b2c6

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

.text Size: 108KB - Virtual size: 108KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 108KB