SecuriteInfo[.]com[.]Trojan[.]GenericKD[.]66504432[.]19604[.]15374[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.GenericKD.66504432.19604.15374.exe
Size

323KB
MD5

e5a5cf018f413821c97986712e5077c2
SHA1

396cd07035c0e37877a477558d1678efccccf7a3
SHA256

d6e9e0693933f4a4a37d42102ae0a725ff42b7a10c2ed5d5cb440facd59fe962
SHA512

3bcad6fd418ef35e9dfdca1d3db859cf0b90ef13e6b5ac78c3c44742e3348aab20bb65d3b06d66c7bf5f6a7e962d30e322a19afef159168bda3b058dfd09240b
SSDEEP

6144:wa7/sMtu5lWAhp+bbjVlp+UhPz3vLs5ync8lqr7zlJw6tTYg3pBwKF:X7UxpwbplpLhPM4nc8lqzuWB

Score

1^/10

Malware Config

Signatures

Files

SecuriteInfo.com.Trojan.GenericKD.66504432.19604.15374.exe
.exe windows x86

72924ac5a91f563b1f01c642ae375f4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
PropertySheetW
ImageList_Destroy
ImageList_SetBkColor
ImageList_AddMasked

kernel32

lstrcmpW
lstrcpynW
lstrcpyW
lstrcatW
lstrlenW
CreateFileMappingA
FileTimeToSystemTime
GetDateFormatW
MultiByteToWideChar
GetLocaleInfoW
WriteConsoleW
ReadConsoleW
ReadFile
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapSize
SetConsoleCtrlHandler
LCMapStringW
CompareStringW
GetTimeFormatW
GetTempPathW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
SetStdHandle
SetEnvironmentVariableW
VirtualFree
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualAlloc
GetProcessHeap
GetCommandLineW
GetCommandLineA
GetCPInfo
FormatMessageW
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
OutputDebugStringW
GetCurrentThread
GetStringTypeW
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
RaiseException
EncodePointer
LoadLibraryExW
GetProcAddress
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
TerminateProcess
GetCurrentProcess
GetModuleHandleW
DecodePointer
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
MulDiv
LocalFree
FreeLibrary
LoadLibraryW
DisableThreadLibraryCalls
UnmapViewOfFile
GetOEMCP
HeapFree
HeapReAlloc
HeapAlloc
SetLastError
GetLastError
CloseHandle
WriteFile
CreateFileW
CreateFileA
CompareFileTime
MapViewOfFile
WideCharToMultiByte
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter

resutils

ResUtilSetDwordValue
ResUtilGetMultiSzProperty
ResUtilStopResourceService
ClusWorkerTerminate
ResUtilStartResourceService
ResUtilGetEnvironmentWithNetName
ResUtilFindSzProperty

mapi32

ord21
ord151
ord76
ord78
ord156
ord160
ord206
ord162

msvfw32

DrawDibTime
GetOpenFileNamePreviewW
ICDecompress

avifil32

AVIStreamInfoA

msacm32

acmMetrics
acmFormatDetailsA
acmDriverPriority
acmFilterChooseA
acmFormatChooseW
acmFilterEnumW

loadperf

UnloadPerfCounterTextStringsA
LoadPerfCounterTextStringsA

mpr

WNetAddConnectionW
WNetConnectionDialog
WNetCancelConnectionW
WNetDisconnectDialog1W
WNetEnumResourceW
MultinetGetConnectionPerformanceW
WNetConnectionDialog1A

user32

ShowScrollBar
ReleaseDC
GetDC
EnableWindow
SetFocus
IsDlgButtonChecked
LoadStringW
SendMessageA
SendMessageW
PostMessageW
ShowWindow
GetWindowRect
MessageBoxW
GetWindowLongW
SetWindowLongW
GetParent
EnumChildWindows
LoadBitmapW
LoadImageW
SetWindowPos
MapWindowPoints
DialogBoxParamW
EndDialog
GetDlgItem

gdi32

DeleteObject
CreateFontW
GetDeviceCaps

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

CryptReleaseContext
RegCloseKey
RegCreateKeyExW
RegDeleteValueA
RegQueryValueExA
CryptGetUserKey
CryptSetProvParam
CryptGetKeyParam
CryptDestroyKey
CryptAcquireContextW
RegSetValueExA

ole32

CreateBindCtx

Sections

.text
Size: 279KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72924ac5a91f563b1f01c642ae375f4b

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

resutils

mapi32

msvfw32

avifil32

msacm32

loadperf

mpr

user32

gdi32

comdlg32

advapi32

ole32

Sections

.text Size: 279KB - Virtual size: 279KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 279KB - Virtual size: 279KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 480B