Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.TScope.Malware-Cryptor.SB.4013.8195.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.TScope.Malware-Cryptor.SB.4013.8195.exe
Resource
win10v2004-20230220-en
General
-
Target
SecuriteInfo.com.TScope.Malware-Cryptor.SB.4013.8195.exe
-
Size
332KB
-
MD5
fb2231f08c796f907a4baf27237c1502
-
SHA1
548006beddf08bbd08b565f44f55b7779e47125b
-
SHA256
5ba9f645a6630f92303e74e59bd929cd65ba7234bc542ece51aefa817a0e01a9
-
SHA512
91739885d79c66807e0d248d5b326af4d95fa5c5036027f71a35afb685451cc81db7684209686eaeea27d74a2d8f04921029f038db7a1c618780541b0de2db61
-
SSDEEP
6144:N3dw8e009xCc4Vd3Ekkus5G5Gvj5D4W9:xdb09xToApOGvj5D
Malware Config
Signatures
-
Unsigned PE 1 IoCs
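Checks for missing Authenticode signature. The listed file carries no signature; on its own this is a weak indicator, since many legitimate binaries are also unsigned, so weigh it together with the other static and behavioral findings.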
resource SecuriteInfo.com.TScope.Malware-Cryptor.SB.4013.8195.exe
Files
-
SecuriteInfo.com.TScope.Malware-Cryptor.SB.4013.8195.exe.exe windows x86
92a07eb3b7b240a61c24caa04984d193
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc71
ord605
ord354
ord578
ord876
ord2322
ord310
ord1031
ord2306
ord1181
ord2259
ord1641
ord1571
ord5915
ord1402
ord4238
ord5214
ord4261
ord3875
ord1123
ord4100
ord2094
ord3244
ord1955
ord2371
ord1283
ord1063
ord2372
ord1903
ord6144
ord3401
ord1191
ord1187
ord781
ord304
ord297
ord784
ord6286
ord1211
ord2902
ord783
ord5320
ord1159
ord4394
ord3651
ord3489
ord658
ord3210
ord1934
ord3161
ord1280
ord1279
ord5637
ord572
ord2527
ord5611
ord6060
ord5608
ord6054
ord4161
ord6057
ord6037
ord5727
ord5642
ord5647
ord5523
ord5588
ord5414
ord5401
ord5921
ord5719
ord3180
ord602
ord326
ord2264
ord6062
ord5888
ord347
ord2873
ord2367
ord709
ord501
ord2794
ord620
ord739
ord1554
ord2991
ord3195
ord1647
ord1589
ord3315
ord1781
ord1880
ord265
ord266
ord3684
ord3454
ord5396
ord2787
ord3916
ord1291
ord457
ord3163
ord1966
ord5640
ord3667
ord3552
ord5071
ord5072
ord5070
ord4797
ord4617
ord4867
ord4844
ord4190
ord4213
ord5211
ord4720
ord718
ord4736
ord516
ord1882
ord1774
ord1892
ord2164
ord1397
ord6266
ord1933
ord1484
ord4099
ord2091
ord1570
ord4237
ord3229
ord657
ord2368
ord589
ord330
ord3255
ord5331
ord6297
ord1185
ord629
ord6288
ord5089
ord384
ord1439
ord5323
ord2903
ord4035
ord5563
ord5529
ord587
ord591
ord2168
ord2086
ord1545
ord4232
ord3164
ord1931
ord1483
ord4098
ord2089
ord1547
ord4234
ord3171
ord1486
ord3934
ord3761
ord6236
ord6067
ord2657
ord2866
ord5866
ord3879
ord3094
ord5625
ord3648
ord3466
ord5165
ord5929
ord4896
ord6081
ord4309
ord4041
ord5927
ord5859
ord2003
ord2144
ord2145
ord5725
ord5739
ord2478
ord1470
ord4299
ord1425
ord2246
ord1913
ord2615
ord5009
ord5012
ord4135
ord2939
ord4904
ord943
ord5356
ord2992
ord2425
ord2424
ord4019
ord1557
ord3945
ord5148
ord5205
ord2173
ord1306
ord4277
ord4265
ord751
ord742
ord635
ord562
ord553
ord395
ord2305
ord4109
ord5403
ord2468
ord1489
ord6118
ord299
ord2933
ord865
ord907
ord911
ord4262
ord3302
ord1929
ord5634
ord630
ord3997
ord2747
ord2021
ord385
ord3204
ord6014
ord4196
ord3929
ord5355
ord3987
ord1912
ord2081
ord2077
ord2039
ord1352
ord5145
ord6269
ord5202
ord5161
ord1962
ord1728
ord4125
ord3668
ord3553
ord1327
ord2036
ord1582
ord5212
ord4280
ord1521
ord4272
ord721
ord2158
ord526
ord4583
ord4469
ord4467
ord3683
ord4038
ord4014
ord6278
ord3801
ord6276
ord4326
ord2063
ord2018
ord5583
ord3806
ord1010
ord5102
ord6219
ord5382
ord3832
ord1920
ord2931
ord5224
ord5226
ord2248
ord3948
ord4568
ord5230
ord5213
ord5566
ord2838
ord4481
ord3333
ord566
ord3182
ord757
ord908
ord6090
ord593
ord5225
ord5119
ord334
ord5386
ord2156
ord959
ord547
ord4031
ord5975
ord3830
ord1126
ord3645
ord3450
ord1198
ord6231
ord4705
ord1084
ord6043
ord1308
ord2176
ord3088
ord1917
ord5420
ord313
ord2049
ord2271
ord2292
ord3085
ord1922
ord3056
ord4566
ord2614
ord2621
ord6238
ord2016
ord5156
ord5592
ord1379
ord5412
ord2742
ord5495
ord4257
ord4222
ord3040
ord2768
ord5934
ord4482
ord4264
ord616
ord368
ord5620
ord5377
ord4306
ord980
ord2793
ord2791
ord4221
ord1014
ord2105
ord1511
ord727
ord5174
ord1161
ord1979
ord1290
ord4562
ord5057
ord5622
ord4863
ord5641
ord5976
ord502
ord3740
ord4444
ord4443
ord4790
ord4204
ord4781
ord4172
ord4181
ord4776
ord4386
ord4401
ord3974
ord5151
ord3344
ord1360
ord4273
ord694
ord3109
ord468
ord6305
ord584
ord1434
ord317
ord2744
ord4980
ord734
ord689
ord2011
ord1340
ord1977
ord458
ord546
ord5759
ord6147
ord741
ord2095
ord1591
ord4240
ord3317
ord3989
ord5731
ord2075
ord4399
ord4381
ord4384
ord4379
ord5988
ord6091
ord4860
ord3348
ord3637
ord3432
ord595
ord4296
ord3295
ord530
ord722
ord4908
ord6005
ord5714
ord336
ord1343
ord2654
ord5064
ord2277
ord3952
ord3505
ord758
ord2234
ord3891
ord567
ord2790
ord4115
ord3506
ord5497
ord3863
ord5871
ord5869
ord3514
ord3286
ord3672
ord3567
ord732
ord544
ord4591
ord3351
ord4935
ord4486
ord3949
ord2644
ord3709
ord3719
ord3718
ord2533
ord2646
ord2540
ord2862
ord2714
ord4307
ord2835
ord2731
ord2537
ord5200
ord1599
ord1655
ord1656
ord1964
ord5175
ord1362
ord4967
ord3345
ord6277
ord3802
ord6279
ord1522
ord2172
ord2178
msvcr71
_strcmpi
_stricmp
_setmbcp
??0exception@@QAE@XZ
_acmdln
exit
_cexit
_ismbblead
_XcptFilter
_exit
_c_exit
?terminate@@YAXXZ
_onexit
__dllonexit
??1type_info@@UAE@XZ
__security_error_handler
memset
_except_handler3
floor
ceil
_purecall
_mbccpy
_mbclen
_mbsnbcmp
_mbsncmp
_mbsstr
_mbschr
memmove
fgetc
fopen
fread
fseek
ftell
fclose
fwrite
free
malloc
atoi
__RTDynamicCast
_CxxThrowException
??1exception@@UAE@XZ
_amsg_exit
__getmainargs
_initterm
??0exception@@QAE@ABV0@@Z
__CxxFrameHandler
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
kernel32
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetModuleHandleA
ExitProcess
GlobalAlloc
GetVersionExA
GlobalUnlock
GlobalLock
GetLastError
OutputDebugStringA
GetModuleFileNameA
GetSystemTime
MulDiv
InitializeCriticalSection
DeleteCriticalSection
GlobalSize
GlobalReAlloc
GlobalFree
user32
RegisterClipboardFormatA
BeginDeferWindowPos
EndDeferWindowPos
GetWindowLongA
GetClassLongA
wsprintfA
GetSysColorBrush
RedrawWindow
GetDCEx
ClientToScreen
GetWindowRect
OffsetRect
PtInRect
CopyRect
SystemParametersInfoA
ReleaseCapture
GetCursorPos
LoadCursorA
SetCapture
GetCapture
KillTimer
SetTimer
ScreenToClient
ReleaseDC
UnionRect
IntersectRect
SetRectEmpty
SetRect
PeekMessageA
TranslateMessage
DispatchMessageA
GetWindow
GetKeyState
InflateRect
IsRectEmpty
GetWindowPlacement
InvalidateRect
UpdateWindow
GetSystemMetrics
GetDC
MessageBeep
GetSysColor
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetFocus
GetClientRect
DrawFocusRect
FrameRect
FillRect
GetParent
LoadMenuA
InsertMenuA
GetSubMenu
EnableWindow
SendMessageA
RemoveMenu
gdi32
GetViewportOrgEx
GetSystemPaletteEntries
GetDIBits
CreatePalette
GetTextColor
Rectangle
GetStockObject
CreateRectRgnIndirect
CreateSolidBrush
SetStretchBltMode
StretchBlt
SelectPalette
PatBlt
RealizePalette
GetDeviceCaps
CreatePatternBrush
SelectObject
GetCurrentObject
CreateBitmap
GetObjectA
CreateDIBSection
DeleteDC
DeleteObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetTextExtentPoint32A
BitBlt
LPtoDP
DPtoLP
GetWindowExtEx
GetViewportExtEx
GetMapMode
CreateCompatibleBitmap
CreateCompatibleDC
GetBkColor
msimg32
TransparentBlt
shell32
DragAcceptFiles
comctl32
ord17
msvcp71
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??$?6U?$char_traits@D@std@@@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
?str@?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??_D?$basic_stringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
Sections
.text Size: 208KB - Virtual size: 207KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 44KB - Virtual size: 45KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ