SecuriteInfo[.]com[.]Variant[.]Lazy[.]254423[.]17961[.]21453[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Lazy.254423.17961.21453.exe
Size

130KB
MD5

22f565d3abf33d622132ca0774d96417
SHA1

205e75512bd7c679ccd2238da5a3c8c8155e7191
SHA256

d5864da0f90081923286cabd8512bc49e73f0074808cc2efff1d2df9d0261b3a
SHA512

0d0e5bf1e34d431ea898d8070b04f81873545ab982835ae30815cf9b3867656f6a68cd060481d6cda7e6e7d7e19dbefcb3d71263274cd73b8d7c5d2268f69b13
SSDEEP

3072:pyCsPEvMCi32nCnQCs0Bl88iRX8+Ryw09hJFTa3zFFh:M9PkKu5/dt8+chJ8FFh

Score

N/A

Malware Config

Signatures

Files

SecuriteInfo.com.Variant.Lazy.254423.17961.21453.exe
.exe windows x86

8b2d7a909fdcb6b6fba5c5fc482d0bd3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetCompositionFontA
ImmSetHotKey
ImmCreateSoftKeyboard
ImmEscapeA
ImmGetConversionListW
ImmIsIME
ImmCreateIMCC

kernel32

CreateFileW
GetFileSize
ReadFile
GetTempPathW
VirtualAlloc
lstrcatW
EnumResourceTypesW
GetConsoleWindow
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
GetProcessHeap
LCMapStringW
CompareStringW
GetStringTypeW
GetFileType
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapAlloc
DecodePointer

wsnmp32

ord206
ord102
ord100
ord400
ord603

shell32

SHGetPathFromIDListA
SHFileOperationW
FindExecutableW

mpr

WNetGetUniversalNameA
WNetCancelConnectionA
WNetConnectionDialog
WNetUseConnectionW

setupapi

SetupDiGetINFClassA
SetupDiDeleteDeviceInterfaceRegKey
SetupScanFileQueueW
SetupDiCallClassInstaller

mswsock

rresvport
getnetbyname
inet_network
sethostname
GetTypeByNameW
GetAddressByNameW

rpcrt4

I_RpcBindingInqDynamicEndpointA
RpcCancelThread
I_RpcSend
NdrServerInitializeNew
NdrStubInitializeMarshall

user32

ShowWindow

Sections

.text
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b2d7a909fdcb6b6fba5c5fc482d0bd3

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

wsnmp32

shell32

mpr

setupapi

mswsock

rpcrt4

user32

Sections

.text Size: 98KB - Virtual size: 98KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 98KB - Virtual size: 98KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB