Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.Trojan-gen.19394.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.Trojan-gen.19394.exe
Resource
win10v2004-20230220-en
General
-
Target
SecuriteInfo.com.Win32.Trojan-gen.19394.32663
-
Size
862KB
-
MD5
8eddeda61a4c7f152fcc2edde5d829b0
-
SHA1
6c8fd3cf13620951d55128d6aa10e67c6d91f88b
-
SHA256
2160d7effc7ffdf2b572b693c4585ad9e21dce3e57c1ebc00f89c4e16d5422ab
-
SHA512
c31c25c8a3b24b8560aa14b63363adb8a1cf9753f8fe8c1a48d21423265d2325c34743a3603b165174ae9c3c35866d36230f818f9f286c536c2affb223764378
-
SSDEEP
12288:u06+mdWX+eVo+XKocjKkb6MNHwnfjn8G:B6DdWuknXHcjKk5Iz8G
Malware Config
Signatures
-
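Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the file listed below has none. On its own this is a weak indicator, since many legitimate binaries are also unsigned.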
resource SecuriteInfo.com.Win32.Trojan-gen.19394.32663
Files
-
SecuriteInfo.com.Win32.Trojan-gen.19394.32663.exe windows x86
f4f2606e8db3888a7cecb3ec3d542bbd
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
waveInClose
waveInPrepareHeader
waveInOpen
waveInAddBuffer
waveInReset
waveInStop
waveInStart
waveInGetNumDevs
kernel32
Sleep
InterlockedCompareExchange
HeapSetInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCommandLineW
GetLastError
SetErrorMode
GetModuleFileNameW
ExitProcess
AllocConsole
InterlockedExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DecodePointer
EncodePointer
GetStartupInfoW
user32
GetMessageW
shell32
SHGetFolderPathW
CommandLineToArgvW
pocofoundation
?lock@FastMutex@Poco@@QAEXXZ
?unlock@FastMutex@Poco@@QAEXXZ
?tryWait@Event@Poco@@QAE_NJ@Z
??0Condition@Poco@@QAE@XZ
??1Condition@Poco@@QAE@XZ
?broadcast@Condition@Poco@@QAEXXZ
?enqueue@Condition@Poco@@IAEXAAVEvent@2@@Z
?dequeue@Condition@Poco@@IAEXAAVEvent@2@@Z
??0Event@Poco@@QAE@_N@Z
??1Event@Poco@@QAE@XZ
?unlock@NamedMutex@Poco@@QAEXXZ
?id@Thread@Poco@@QBEHXZ
?current@Thread@Poco@@SAPAV12@XZ
??0Thread@Poco@@QAE@XZ
??1Thread@Poco@@QAE@XZ
?tryLock@NamedMutex@Poco@@QAE_NXZ
?getSize@File@Poco@@QBE_KXZ
??0NamedMutex@Poco@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1NamedMutex@Poco@@QAE@XZ
?lock@Mutex@Poco@@QAEXXZ
?unlock@Mutex@Poco@@QAEXXZ
?isRunning@Thread@Poco@@QBE_NXZ
??0Runnable@Poco@@QAE@XZ
??1Runnable@Poco@@UAE@XZ
?start@Thread@Poco@@QAEXAAVRunnable@2@@Z
?join@Thread@Poco@@QAEXXZ
??0Exception@Poco@@IAE@H@Z
??0Exception@Poco@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
??1Exception@Poco@@UAE@XZ
?what@Exception@Poco@@UBEPBDXZ
?format@DateTimeFormatter@Poco@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVTimestamp@2@ABV34@H@Z
?get@Logger@Poco@@SAAAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?displayText@Exception@Poco@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
??8File@Poco@@QBE_NABV01@@Z
??_DFileOutputStream@Poco@@QAEXXZ
??_DFileInputStream@Poco@@QAEXXZ
?open@Channel@Poco@@UAEXXZ
?close@Channel@Poco@@UAEXXZ
?setProperty@Channel@Poco@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?getProperty@Channel@Poco@@UBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?toUTF8@UnicodeConverter@Poco@@SAXPB_WAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?copyToString@StreamCopier@Poco@@SA_JAAV?$basic_istream@DU?$char_traits@D@std@@@std@@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@I@Z
??0File@Poco@@QAE@ABV01@@Z
??0File@Poco@@QAE@ABVPath@1@@Z
??0File@Poco@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0File@Poco@@QAE@XZ
??1File@Poco@@UAE@XZ
??4File@Poco@@QAEAAV01@ABV01@@Z
?exists@File@Poco@@QBE_NXZ
??0NullChannel@Poco@@QAE@XZ
??1NullChannel@Poco@@UAE@XZ
?log@NullChannel@Poco@@UAEXABVMessage@2@@Z
?setProperty@NullChannel@Poco@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?create@Logger@Poco@@SAAAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAVChannel@2@H@Z
??0FileInputStream@Poco@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?tryParse64@NumberParser@Poco@@SA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AA_J@Z
??0NullPointerException@Poco@@QAE@ABV01@@Z
??0NullPointerException@Poco@@QAE@H@Z
??1NullPointerException@Poco@@UAE@XZ
??0Exception@Poco@@QAE@ABV01@@Z
??0LogicException@Poco@@QAE@ABV01@@Z
??_DMemoryInputStream@Poco@@QAEXXZ
??1Timespan@Poco@@QAE@XZ
??0Timespan@Poco@@QAE@HHHHH@Z
??1Timestamp@Poco@@QAE@XZ
??0Timestamp@Poco@@QAE@XZ
??0PatternFormatter@Poco@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1PatternFormatter@Poco@@UAE@XZ
?format@PatternFormatter@Poco@@UAEXABVMessage@2@AAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setProperty@PatternFormatter@Poco@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?getProperty@PatternFormatter@Poco@@UBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
??0FormattingChannel@Poco@@QAE@PAVFormatter@1@@Z
?setChannel@FormattingChannel@Poco@@QAEXPAVChannel@2@@Z
?log@FormattingChannel@Poco@@UAEXABVMessage@2@@Z
?setProperty@FormattingChannel@Poco@@UAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?open@FormattingChannel@Poco@@UAEXXZ
?close@FormattingChannel@Poco@@UAEXXZ
??1FormattingChannel@Poco@@MAE@XZ
??0ConsoleChannel@Poco@@QAE@XZ
?log@ConsoleChannel@Poco@@UAEXABVMessage@2@@Z
??1ConsoleChannel@Poco@@MAE@XZ
??0Path@Poco@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1Path@Poco@@QAE@XZ
?toString@Path@Poco@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?makeDirectory@Path@Poco@@QAEAAV12@XZ
?setFileName@Path@Poco@@QAEAAV12@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?parent@Path@Poco@@QBE?AV12@XZ
??0FileOutputStream@Poco@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?close@FileIOS@Poco@@QAEXXZ
??0Mutex@Poco@@QAE@XZ
??1Mutex@Poco@@QAE@XZ
?path@File@Poco@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?release@RefCountedObject@Poco@@QBEXXZ
?information@Logger@Poco@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?totalMilliseconds@Timespan@Poco@@QBE_JXZ
?year@DateTime@Poco@@QBEHXZ
?month@DateTime@Poco@@QBEHXZ
?day@DateTime@Poco@@QBEHXZ
?format@DateTimeFormatter@Poco@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABVDateTime@2@ABV34@H@Z
??0DateTime@Poco@@QAE@HHHHHHHH@Z
??0DateTime@Poco@@QAE@XZ
??1DateTime@Poco@@QAE@XZ
??HDateTime@Poco@@QBE?AV01@ABVTimespan@1@@Z
??GDateTime@Poco@@QBE?AVTimespan@1@ABV01@@Z
??0MemoryInputStream@Poco@@QAE@PBD_J@Z
msvcp100
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?uncaught_exception@std@@YA_NXZ
?_BADOFF@std@@3_JB
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@PBD_J@Z
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHH@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE?AV?$fpos@H@2@V32@H@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
pocoutil
?getRaw@MapConfiguration@Util@Poco@@MBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV45@@Z
?setRaw@MapConfiguration@Util@Poco@@MAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?enumerate@MapConfiguration@Util@Poco@@MBEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@5@@Z
?removeRaw@MapConfiguration@Util@Poco@@MAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0PropertyFileConfiguration@Util@Poco@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?save@PropertyFileConfiguration@Util@Poco@@QBEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??1PropertyFileConfiguration@Util@Poco@@MAE@XZ
?getString@AbstractConfiguration@Util@Poco@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV45@@Z
?getInt@AbstractConfiguration@Util@Poco@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?setString@AbstractConfiguration@Util@Poco@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?setInt@AbstractConfiguration@Util@Poco@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
msvcr100
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
memmove
??3@YAXPAX@Z
getchar
??2@YAPAXI@Z
??1bad_cast@std@@UAE@XZ
??0bad_cast@std@@QAE@PBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
_purecall
??_V@YAXPAX@Z
free
malloc
__iob_func
freopen_s
__RTtypeid
memcpy
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
_unlock
__dllonexit
_lock
_onexit
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__RTDynamicCast
_invoke_watson
_controlfp_s
memset
__CxxFrameHandler3
_CxxThrowException
?what@exception@std@@UBEPBDXZ
pocoxml
??1DOMParser@XML@Poco@@QAE@XZ
??0DOMParser@XML@Poco@@QAE@PAVNamePool@12@@Z
?release@DOMObject@XML@Poco@@QBEXXZ
?parse@DOMParser@XML@Poco@@QAEPAVDocument@23@PAVInputSource@23@@Z
?getAttribute@Element@XML@Poco@@QBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV45@@Z
?documentElement@Document@XML@Poco@@QBEPAVElement@23@XZ
??0InputSource@XML@Poco@@QAE@AAV?$basic_istream@DU?$char_traits@D@std@@@std@@@Z
??1InputSource@XML@Poco@@QAE@XZ
Sections
.text Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 64KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.eh_fram Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.debug_i Size: 260KB - Virtual size: 259KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_a Size: 45KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_l Size: 203KB - Virtual size: 203KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_a Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_l Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_s Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.debug_r Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ