Static task: static1
Behavioral task: behavioral1
  Sample: 06970130baa02778cc1b8114ff9a4712.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 06970130baa02778cc1b8114ff9a4712.exe
  Resource: win10v2004-20231215-en
General
- Target: 06970130baa02778cc1b8114ff9a4712
- Size: 46KB
- MD5: 06970130baa02778cc1b8114ff9a4712
- SHA1: 16bc1bb09ba9ea34d04ea5494c7acd4879aaaec8
- SHA256: 7d9a076af34b3777d7e737dea37feee074d50ce4514611b08f18b2ad62ccb194
- SHA512: 98eff0ffb8e6e2334739f901a12f6ef058cb911a5c44957b36452b7f76e8bdc74d6cfb8ee824d0dd02aff579c8b24ea771dd39e42edfc3955723524ae0bde23b
- SSDEEP: 768:hSeA2c591a2kyhfPbVsuSEF98khUeHquV+s45mLJqOrSFrNMcdZI:hb/zyZblhzHtV745arSFrNMsZI
Malware Config
Signatures
- Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource 06970130baa02778cc1b8114ff9a4712
Files
-
06970130baa02778cc1b8114ff9a4712.exe windows:5 windows x86 arch:x86
c244fce5528f653a385f81f23d0d2c61
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
- msi: MsiGetPatchInfoW, MsiGetFeatureStateW, MsiEnumFeaturesW, MsiAdvertiseProductW, MsiAdvertiseProductA, MsiIsProductElevatedW, MsiGetProductCodeFromPackageCodeW, MsiDatabaseCommit, MsiEnableUIPreview, MsiProvideComponentA, MsiGetComponentPathW, MsiEnumClientsA, MsiProvideQualifiedComponentExA, Migrate10CachedPackagesW, MsiDatabaseGetPrimaryKeysW, MsiGetFileHashW, MsiVerifyPackageA, MsiViewGetColumnInfo, MsiAdvertiseScriptW, MsiProcessAdvertiseScriptA, MsiGetSummaryInformationA, MsiRecordSetStreamA, MsiDatabaseGenerateTransformW
- imagehlp: UnmapDebugInformation, SymRegisterFunctionEntryCallback64, SymGetModuleInfo, SymLoadModule, SymGetSymPrev64, ImagehlpApiVersion, SplitSymbols, ImageRvaToVa, UpdateDebugInfoFile, ImageNtHeader, ImageGetCertificateHeader, SymEnumSym, BindImageEx, SymGetTypeInfo, RemoveRelocations, ImageDirectoryEntryToData, GetImageUnusedHeaderBytes, SymEnumerateSymbols, SymGetLineNext64, MapFileAndCheckSumA, SymLoadModule64, SymGetOptions
- advapi32: RegSetValueExW, LsaDeleteTrustedDomain, WmiEnumerateGuids, StartServiceA, BuildTrusteeWithObjectsAndNameA, CredpEncodeCredential, BuildTrusteeWithObjectsAndSidA, ConvertSecurityDescriptorToStringSecurityDescriptorA, CryptGetDefaultProviderA, MapGenericMask, CloseEncryptedFileRaw, RegQueryMultipleValuesW, LockServiceDatabase, GetNamedSecurityInfoExW, ConvertStringSDToSDRootDomainW, CancelOverlappedAccess, CryptSetProvParam
- kernel32: SetSystemTime, IsDebuggerPresent, CreateWaitableTimerA, CopyFileExW, VirtualAlloc, SetLastError, GetCommConfig, GetExitCodeThread, lstrcatA, PurgeComm, LoadLibraryA, OutputDebugStringA, GetConsoleCursorInfo, SetFileTime, InitializeCriticalSection, ExitProcess, ReplaceFileW, CreatePipe, IsValidLocale, EnumResourceNamesA, EnumerateLocalComputerNamesW, GetEnvironmentStringsW, FreeLibraryAndExitThread, WritePrivateProfileStringW, GetStartupInfoA, QueryPerformanceFrequency, GetSystemTimeAsFileTime
- rpcns4: RpcNsBindingLookupDone, RpcNsEntryObjectInqBeginW, RpcNsMgmtBindingUnexportW, RpcNsBindingExportA, I_RpcNsRaiseException, RpcNsGroupDeleteA, RpcNsProfileEltAddW, RpcNsGroupMbrRemoveA, RpcNsGroupDeleteW, RpcNsEntryObjectInqBeginA, I_RpcNsSendReceive, RpcNsGroupMbrInqNextW, RpcNsProfileEltRemoveW, RpcNsBindingImportBeginW, RpcNsBindingUnexportPnPW, RpcIfIdVectorFree, RpcNsProfileEltInqBeginW, RpcNsBindingSelect, RpcNsBindingUnexportA, RpcNsProfileEltRemoveA
- scarddlg: GetOpenCardNameW, SCardUIDlgSelectCardW, SCardUIDlgSelectCardA, GetOpenCardNameA, SCardDlgExtendedError
Sections
- .text (Size: 37KB, Virtual size: 36KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata (Size: 4KB, Virtual size: 3KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data (Size: 2KB, Virtual size: 2KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc (Size: 1KB, Virtual size: 29KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- pgzetko (Size: -, Virtual size: 4KB): IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE