SecuriteInfo[.]com[.]Backdoor[.]Win32[.]SdBot[.]6789[.]28727

General

Target

SecuriteInfo.com.Backdoor.Win32.SdBot.6789.28727
Size

56KB
MD5

187a4668b8580ba37f5278117ebe3099
SHA1

1bbed8305916bbe2cb7603c4fec510841857694b
SHA256

b532e8134269532d811aeab14ca1c70292dc07a18b0a42a337988e04158df2ce
SHA512

6e33a069b4e715194be3a9312d32f6349dbc88593e79c3517b26dcab6e2085832381ffa99d07ee525933216f1fb1695ae2e4f4c91097a5c96fe949033ab4fba1
SSDEEP

768:+jRcCGgrr9Jwjig3J29Tq9ZMS6NKiB9PzqQNilRA6Yo/y:8tGgrWZaG2XfjHo6

Score

1^/10

Malware Config

Signatures

Files

SecuriteInfo.com.Backdoor.Win32.SdBot.6789.28727
.exe windows x86

6d7262a957616f786de56f96417e37d0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

quartz

AMGetErrorTextA

kernel32

WideCharToMultiByte
GetCurrentProcessId
GetLastError
LCMapStringW
LCMapStringA
SetStdHandle
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
FlushFileBuffers
MultiByteToWideChar
HeapReAlloc
VirtualAlloc
SetFilePointer
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStringTypeA
TerminateProcess
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetProcAddress
HeapAlloc
ExitProcess
CloseHandle
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree

user32

ShowWindow
CheckMenuItem
AppendMenuA
GetClientRect
wsprintfW
LoadCursorA
RegisterClassA
CreateWindowExA
DestroyWindow
SetWindowTextA
GetMessageA
MessageBoxA
DispatchMessageA
TranslateMessage
PostQuitMessage
IsIconic
CreateDialogParamA
DefWindowProcA
GetSystemMenu
GetDlgItemTextA
EndDialog

gdi32

GetStockObject

ole32

CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoTaskMemFree
CoUninitialize
CoInitializeEx

oleaut32

OleCreatePropertyFrame
SysFreeString

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d7262a957616f786de56f96417e37d0

Headers

File Characteristics

Imports

quartz

kernel32

user32

gdi32

ole32

oleaut32

Sections

.text Size: 32KB - Virtual size: 28KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 28KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 4KB - Virtual size: 1KB