SecuriteInfo[.]com[.]BScope[.]Trojan[.]Wacatac[.]14436[.]16313[.]exe

General

Target

SecuriteInfo.com.BScope.Trojan.Wacatac.14436.16313.exe
Size

16KB
MD5

b7a5048292d239b65eff0287ecf4b13e
SHA1

b924f864a0d619dcc9996588d2ac56b483c95827
SHA256

0c62d28bd62c21c37157d489e6ebf518c27af113af2897e475e5865b150011de
SHA512

c8b5c1528f05298322ff94425e755c79a994c196bc4205f702ec661735659ee3c655e808e1eb668d8eb3ad90795c920b46b1ee2c69859625c4d1d598ae0f5809
SSDEEP

384:x8eBjDUMB4aMdt6ZRcwupZoeW2r8maQQgdBik:x8eBj5B2tgIZByJ5gR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.BScope.Trojan.Wacatac.14436.16313.exe

Files

SecuriteInfo.com.BScope.Trojan.Wacatac.14436.16313.exe
.exe windows x86

457637093d431ae9818efeeb58e0b5f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
lstrlenA
lstrcatA
WritePrivateProfileStringA
CreateThread
Sleep
lstrcpyA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetSystemDefaultLangID
ExitProcess
GetPrivateProfileIntA
GetTempPathA
GetModuleFileNameA
WritePrivateProfileSectionA

user32

GetWindowLongA
SetMenu
PostQuitMessage
EndPaint
BeginPaint
RegisterClassExA
LoadCursorA
LoadIconA
GetDC
ReleaseDC
SetWindowLongA
GetSystemMetrics
SetWindowPos
SetForegroundWindow
PostMessageA
GetAsyncKeyState
RedrawWindow
CreateWindowExA
ShowWindow
UpdateWindow
GetClientRect
DrawTextA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
wsprintfA
DefWindowProcA

gdi32

SetTextColor
CreateFontIndirectA
SetBkMode
ExtTextOutA
SetBkColor
GetDeviceCaps
DeleteDC
BitBlt
LineTo
MoveToEx
CreatePen
CreateCompatibleDC
CreateDIBSection
DeleteObject
SelectObject

shell32

ShellExecuteA

winmm

timeGetTime

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

457637093d431ae9818efeeb58e0b5f6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

winmm

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB