SecuriteInfo[.]com[.]Win32[.]RATX-gen[.]9059[.]21841[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Win32.RATX-gen.9059.21841.exe
Size

99KB
MD5

70177cf6cd1a0e9a13bfc079491aadf3
SHA1

8f07e82859f4a6ef71f9217104f615126f3fb16c
SHA256

5c9ebb54a9aa2a61203c05312763b2005702408f0a15ac79b88b96ee904abdaa
SHA512

2df6bca6557572fd11a86cee3e34015f29a40494d36e62477b5649e1d2268066cde2417c1c2d6f22c447325c7ba747010376c462d2109962871aa7ddee083300
SSDEEP

3072:3T4y0PhLuXXvtg4or6ep4rIekZG2zMBm/iPn2a6cN:3EPxYvMWezZTa

Score

N/A

Malware Config

Signatures

Files

SecuriteInfo.com.Win32.RATX-gen.9059.21841.exe
.exe windows x86

173ac54c63dde3a0c27bc2efc30e9403

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmAssociateContext
ImmGetCandidateListCountA
ImmSetHotKey
ImmInstallIMEW
ImmGetCompositionFontW
ImmGetCandidateListCountW
ImmGetCompositionWindow

shlwapi

PathUnmakeSystemFolderW
SHRegQueryInfoUSKeyW
PathAddBackslashW
SHRegDeleteEmptyUSKeyA

kernel32

CreateFileW
GetFileSize
ReadFile
HeapAlloc
HeapFree
GetProcessHeap
SetEvent
DecodePointer
CreateEventW
VirtualAlloc
EnumSystemCodePagesW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
LCMapStringW
CloseHandle
WriteConsoleW
WaitForSingleObject
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
WriteFile
GetStdHandle
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException

msi

ord121
ord146
ord22
ord43
ord63
ord33
ord162

msvfw32

ICCompress
ICImageDecompress
DrawDibDraw

avifil32

AVIStreamSetFormat
AVIStreamGetFrameClose

user32

GetSysColor
ActivateKeyboardLayout
GetAncestor
CharToOemBuffA
OemToCharA
MessageBoxIndirectW
DrawTextExA

wsock32

WSAAsyncGetServByPort
ord1141
getsockopt
sendto
ord1107
inet_ntoa
WSACleanup

odbc32

ord55
ord40
ord10
ord64
ord77
ord47
ord18
ord227

ole32

CoUninitialize
CoInitializeEx
CoGetClassObject
CoRegisterClassObject
CoRevokeClassObject
CoRegisterSurrogate
CoMarshalInterface
CoFreeUnusedLibraries
CLSIDFromString

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

173ac54c63dde3a0c27bc2efc30e9403

Headers

DLL Characteristics

File Characteristics

Imports

imm32

shlwapi

kernel32

msi

msvfw32

avifil32

user32

wsock32

odbc32

ole32

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 2KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 176B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 2KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 176B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 4KB - Virtual size: 3KB