Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Variant.Jaik.94950.23936.2151.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Variant.Jaik.94950.23936.2151.exe
Resource
win10v2004-20230220-en
General
Target
SecuriteInfo.com.Variant.Jaik.94950.23936.2151.exe
Size
108KB
MD5
391c069b1002b5d1e70d75c82255167c
SHA1
3199e8dccc508db51cb719026ce4a3c12ddb98e1
SHA256
c0187838bd5992492fe2230c5bf59c072944ea98c4401c4992321d8dbc8645d7
SHA512
1e1c458456bf17cfb84083658b590f31c987d3220c18a1166dd2c71bdda7d914b6a315a3c1c267a95367cd9b98e15fb1d07d92f9edcaa557d5495f2c4f336165
SSDEEP
3072:URIYo30ZCJSxPQdrzokRIEoTDfcepEgSEkTAnpdgNNkymQf:URGEpQF8jEZgO5f
Malware Config
Signatures
Files
SecuriteInfo.com.Variant.Jaik.94950.23936.2151.exe.exe windows x86
0ffce9bf950c7c47ebc72dd4c8d35580
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
UrlIsOpaqueW
PathFindNextComponentA
StrCSpnA
UrlIsOpaqueA
StrRStrIA
UrlUnescapeW
PathStripToRootA
SHRegWriteUSValueA
kernel32
lstrlenW
FormatMessageW
VirtualAlloc
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc
SetLastError
FileTimeToSystemTime
GetLastError
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetDateFormatW
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
FindClose
ReadConsoleW
GetConsoleMode
ReadFile
GetFileType
GetModuleHandleExW
ExitProcess
WriteConsoleW
GetModuleFileNameW
WriteFile
GetStdHandle
RaiseException
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetLocaleInfoW
GetOEMCP
CloseHandle
CreateFileW
HeapSize
FlushFileBuffers
GetConsoleCP
SetEndOfFile
DecodePointer
LCMapStringW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
EnterCriticalSection
crypt32
CertGetPublicKeyLength
CertGetNameStringW
CertNameToStrW
CertVerifyCRLRevocation
CryptSignMessageWithKey
CryptSignCertificate
CertStrToNameW
CryptSignAndEncryptMessage
CryptDecodeMessage
CertAddEncodedCertificateToStore
CryptFormatObject
CryptFindOIDInfo
mswsock
dn_expand
MigrateWinsockConfiguration
s_perror
GetTypeByNameW
NPLoadNameSpaces
mpr
WNetGetProviderNameW
WNetCancelConnectionA
WNetGetLastErrorW
WNetOpenEnumW
WNetGetUniversalNameW
MultinetGetConnectionPerformanceA
WNetCancelConnectionW
msvfw32
MCIWndCreate
DrawDibStop
DrawDibChangePalette
avifil32
AVIStreamRelease
msi
ord134
ord103
ord50
ord74
ord160
user32
LoadStringW
Sections
.text Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ