SecuriteInfo[.]com[.]Win32[.]RATX-gen[.]28388[.]29304[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.RATX-gen.28388.29304.exe
Size

99KB
MD5

258d7af9da086046c3021ac1f50e3a5a
SHA1

0b1a9b2c1c6dd75a0a24a904aa4938c045886b59
SHA256

26067c6b759a301e93dbe4ab1edf45acc0fd0177c53fc8ba906bfad3589eecb7
SHA512

0427b21f96a2b46f4c2316b94803f6d55f8648cbe3c655be0eb6805e24eb354593cc8ecd801bf064d02988f27891b918049668d08dd738578312a94e25ecae59
SSDEEP

3072:gQ4S0vhLBXXvNg4or6ep4rIekZG2zMBG/aPn2a6aD9:gjPxJvsWezZHM

Score

N/A

Malware Config

Signatures

Files

SecuriteInfo.com.Win32.RATX-gen.28388.29304.exe
.exe windows x86

173ac54c63dde3a0c27bc2efc30e9403

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext
ImmGetCandidateListCountA
ImmSetHotKey
ImmInstallIMEW
ImmGetCompositionFontW
ImmGetCandidateListCountW
ImmGetCompositionWindow

shlwapi

PathUnmakeSystemFolderW
SHRegQueryInfoUSKeyW
PathAddBackslashW
SHRegDeleteEmptyUSKeyA

kernel32

CreateFileW
GetFileSize
ReadFile
HeapAlloc
HeapFree
GetProcessHeap
SetEvent
DecodePointer
CreateEventW
VirtualAlloc
EnumSystemCodePagesW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
LCMapStringW
CloseHandle
WriteConsoleW
WaitForSingleObject
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
WriteFile
GetStdHandle
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException

msi

ord121
ord146
ord22
ord43
ord63
ord33
ord162

msvfw32

ICCompress
ICImageDecompress
DrawDibDraw

avifil32

AVIStreamSetFormat
AVIStreamGetFrameClose

user32

GetSysColor
ActivateKeyboardLayout
GetAncestor
CharToOemBuffA
OemToCharA
MessageBoxIndirectW
DrawTextExA

wsock32

WSAAsyncGetServByPort
ord1141
getsockopt
sendto
ord1107
inet_ntoa
WSACleanup

odbc32

ord55
ord40
ord10
ord64
ord77
ord47
ord18
ord227

ole32

CoUninitialize
CoInitializeEx
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterSurrogate
CoMarshalInterface
CoFreeUnusedLibraries
CLSIDFromString

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

173ac54c63dde3a0c27bc2efc30e9403

Headers

DLL Characteristics

File Characteristics

Imports

imm32

shlwapi

kernel32

msi

msvfw32

avifil32

user32

wsock32

odbc32

ole32

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 2KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 176B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 2KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 176B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB