SecuriteInfo[.]com[.]Trojan[.]Win32[.]VecStealer[.]LK[.]MTB[.]24834[.]30300

General

Target

SecuriteInfo.com.Trojan.Win32.VecStealer.LK.MTB.24834.30300
Size

5KB
MD5

34ea087535510dd7df75fdbe5b00925d
SHA1

a74e07cc5ff27765917cff342ec9c6cb55f9486b
SHA256

89f6aa1e917cd535d8ba513f0e289772b1af0ef68a8ae27cc8d3ac93d338d6e0
SHA512

2fb381388fbc5ae470ecc58687251215b8b3c61d4f9804bb44fdae9f2754ac40c8acf23e86bd92abeffc443f7d9f70fde7ca689544e94a2334b2d7a84889b881
SSDEEP

48:imYGNS2F5vd8bts1IOCMs1IOCThcx/6+eTo/NkF7DAy52y:Up2FlB+Z+Tu/ReE/NkNN5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Win32.VecStealer.LK.MTB.24834.30300

Files

SecuriteInfo.com.Trojan.Win32.VecStealer.LK.MTB.24834.30300
.dll windows x86

ede14b73694a83dece2930898de1ac25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
EnumResourceTypesA

crypt32

CertStrToNameA
CryptEncryptMessage
CertSaveStore
CryptImportPublicKeyInfoEx
CertEnumCertificatesInStore

rpcrt4

TowerExplode
RpcObjectInqType
NdrProxyGetBuffer
RpcMgmtEnableIdleCleanup

mswsock

AcceptEx
TransmitFile
GetAcceptExSockaddrs
EnumProtocolsW
s_perror
GetTypeByNameA

oleaut32

VarUI2FromI4
BSTR_UserMarshal
VarInt
VarCyFromBool
VarR8FromCy
OleLoadPicture
VarBstrFromR4
VarAdd
VarI4FromUI2

msi

ord51
ord95
ord135
ord8
ord31
ord11
ord137

mscms

CheckColors
IsColorProfileValid
InstallColorProfileW
OpenColorProfileA
GetStandardColorSpaceProfileA
CreateMultiProfileTransform
RegisterCMMW
EnumColorProfilesW
UnregisterCMMW

wininet

InternetQueryDataAvailable
InternetErrorDlg
InternetAutodialHangup
FtpGetCurrentDirectoryW
FtpSetCurrentDirectoryA
GopherGetAttributeW
InternetGetLastResponseInfoA
InternetGetCertByURL

Exports

Exports

hVLRxv

Sections

.text
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ede14b73694a83dece2930898de1ac25

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

crypt32

rpcrt4

mswsock

oleaut32

msi

mscms

wininet

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 676B

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 142B

.reloc Size: 512B - Virtual size: 166B

.text
Size: 1024B - Virtual size: 676B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 142B

.reloc
Size: 512B - Virtual size: 166B