SecuriteInfo[.]com[.]Variant[.]Zusy[.]445806[.]4263[.]20708[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Zusy.445806.4263.20708.exe
Size

116KB
MD5

1e3cbaab4ed1697a4a2b784811daa75e
SHA1

27123aae869b69703cce3c15d586e4bc02de86ee
SHA256

544d096545b16b8fad925d02569f357488e12ca11acb33e64b4737557bff4a5d
SHA512

a461e859c974ecf47e9509c99a73970962054d7cc96a5524d31a10ae53bcc785e94b71b20c50640f1d25601a4514f0a1420d2de817dfac0f5aecdacd4be786b8
SSDEEP

3072:6nKP3h4ZqxYTkMJAcPieyz02FhYqMlaXPTPc2oDl:kKZ4ZqxTMIj02LJLoDl

Score

N/A

Malware Config

Signatures

Files

SecuriteInfo.com.Variant.Zusy.445806.4263.20708.exe
.exe windows x86

007dc2957dbc6977d944e5e81fe0866f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmSetCompositionStringA
ImmGetCandidateWindow
ImmDestroyContext

kernel32

lstrlenW
ExitProcess
LocalFree
CompareStringW
FindClose
FindFirstFileW
GetFileAttributesW
lstrcatW
GetFullPathNameW
lstrcpyW
GetEnvironmentVariableW
GetExitCodeProcess
WaitForSingleObject
AssignProcessToJobObject
SetInformationJobObject
CreateJobObjectA
SetConsoleCtrlHandler
GetLastError
CreateProcessW
GetBinaryTypeW
VirtualAlloc
Sleep
GetTickCount
GetStdHandle
WriteConsoleW
GetOEMCP
WideCharToMultiByte
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
SetEndOfFile
HeapSize
HeapReAlloc
GetStringTypeW
LCMapStringW
CreateFileW
CloseHandle
FlushFileBuffers
SetStdHandle
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
FreeLibrary
FatalAppExitA
IsValidCodePage
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
GetProcessHeap
HeapAlloc
WriteFile
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
DecodePointer
TerminateProcess
GetCurrentProcess
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
HeapCreate
HeapDestroy
IsProcessorFeaturePresent
MultiByteToWideChar
ReadFile
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
SetFilePointer
RtlUnwind
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
IsValidLocale

gdi32

AngleArc
SetICMProfileW
PolyPatBlt

pdh

PdhExpandCounterPathW
PdhIsRealTimeQuery
PdhSetCounterScaleFactor
PdhCollectQueryData

winspool.drv

DeletePrinterDataA
SetPortA

shell32

SHAppBarMessage
CommandLineToArgvW
ShellExecuteExW

ws2_32

WSAJoinLeaf
recv
WSAEventSelect

resutils

ResUtilVerifyResourceService
ResUtilSetExpandSzValue
ResUtilGetPropertySize
ClusWorkerCheckTerminate
ResUtilEnumPrivateProperties

comdlg32

GetOpenFileNameW
GetOpenFileNameA
CommDlgExtendedError

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

007dc2957dbc6977d944e5e81fe0866f

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

gdi32

pdh

winspool.drv

shell32

ws2_32

resutils

comdlg32

Sections

.text Size: 93KB - Virtual size: 92KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 4KB - Virtual size: 11KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 93KB - Virtual size: 92KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 4KB - Virtual size: 11KB

.reloc
Size: 4KB - Virtual size: 3KB