Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Variant.Jaik.94950.4587.18705.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Variant.Jaik.94950.4587.18705.exe
Resource
win10v2004-20230220-en
General
Target
SecuriteInfo.com.Variant.Jaik.94950.4587.18705.exe
Size
108KB
MD5
a5301fd58f3c2a25c027839129732bf7
SHA1
28d40ae262a3340f8c0aff52731b692dee5d714f
SHA256
21d1c63fcea6b4acf886dfbed60be3a3cd5c8560ec9e3b4d1232fde22355305e
SHA512
971cc341c0e5fa9923728a7380c96e23a3accc429cd652f74cf4444e27c88a4fa4768263ab8aa2c41411ea1a7af09740dbaba35fffbe68e0e88465e11a2d7b2a
SSDEEP
3072:qRIYo30ZCJSxPQdrzokRIEoTDfcepEgSEkTAnpdgNN3ymQf:qRGEpQF8jEZgOEf
Malware Config
Signatures
Files
SecuriteInfo.com.Variant.Jaik.94950.4587.18705.exe.exe windows x86
0ffce9bf950c7c47ebc72dd4c8d35580
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
UrlIsOpaqueW
PathFindNextComponentA
StrCSpnA
UrlIsOpaqueA
StrRStrIA
UrlUnescapeW
PathStripToRootA
SHRegWriteUSValueA
kernel32
lstrlenW
FormatMessageW
VirtualAlloc
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc
SetLastError
FileTimeToSystemTime
GetLastError
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetDateFormatW
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
FindClose
ReadConsoleW
GetConsoleMode
ReadFile
GetFileType
GetModuleHandleExW
ExitProcess
WriteConsoleW
GetModuleFileNameW
WriteFile
GetStdHandle
RaiseException
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetLocaleInfoW
GetOEMCP
CloseHandle
CreateFileW
HeapSize
FlushFileBuffers
GetConsoleCP
SetEndOfFile
DecodePointer
LCMapStringW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
EnterCriticalSection
crypt32
CertGetPublicKeyLength
CertGetNameStringW
CertNameToStrW
CertVerifyCRLRevocation
CryptSignMessageWithKey
CryptSignCertificate
CertStrToNameW
CryptSignAndEncryptMessage
CryptDecodeMessage
CertAddEncodedCertificateToStore
CryptFormatObject
CryptFindOIDInfo
mswsock
dn_expand
MigrateWinsockConfiguration
s_perror
GetTypeByNameW
NPLoadNameSpaces
mpr
WNetGetProviderNameW
WNetCancelConnectionA
WNetGetLastErrorW
WNetOpenEnumW
WNetGetUniversalNameW
MultinetGetConnectionPerformanceA
WNetCancelConnectionW
msvfw32
MCIWndCreate
DrawDibStop
DrawDibChangePalette
avifil32
AVIStreamRelease
msi
ord134
ord103
ord50
ord74
ord160
user32
LoadStringW
Sections
.text Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ