SecuriteInfo[.]com[.]Trojan[.]Wacatac[.]15571[.]26196[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Wacatac.15571.26196.exe
Size

5KB
MD5

d9c62b2e2b3b0cbf1453d04b27df6152
SHA1

b1e34c18e9d5df4d04f727d97f35aa7d14c2bb1a
SHA256

14ce92a16a06a292b732c49efdfb63b7c7506a1fa669a9b4c83e4a91c87c40c3
SHA512

56042d78752642e45537e1e1e47a68cba09e91317f8a8982ba83a9e6d7be496cce85367f6b28056a85971f83074bdbdc68789b97c3470170facccc1aa5dee0a5
SSDEEP

48:OEPf+kSuWBoKIuGP0e/MKkB++aJdNcFte:nP2+Wf2DkU+aJEe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Wacatac.15571.26196.exe

Files

SecuriteInfo.com.Trojan.Wacatac.15571.26196.exe
.exe windows x86

9f992c7674ef3c0e47579302d855f8de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

ExitProcess
GetFileSize
SetFilePointer
WriteFile
lstrlenA
CreateFileA
CloseHandle

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE