SecuriteInfo[.]com[.]Trojan-Dropper[.]Win32[.]Small[.]7432[.]18534[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Trojan-Dropper.Win32.Small.7432.18534.exe
Size

3.0MB
MD5

9e8954d91455770a972511c3e70e4e8f
SHA1

983d21a8edae58f16e4546ef5a2a13bb9833511e
SHA256

25ccd9df5e9266dcef831c561c39f9968cc565ecc28132d80c5768484d3df25e
SHA512

ea6dc289348142cb41723d214f45ee260e6a4dadb5851bc57f63e8915e0975d1150d8a5c9bbcad1b503716e9537a3c83af40a345fac53726770407ef2997b850
SSDEEP

24576:M3ERl7Tc2BkI2iIPGxg0C9QJECee3JoVy/WMyQDYwjx7NDUT9/rN+XAPQmXu:MURb2/cDeeWNMZUJ2m+

Score

1^/10

Malware Config

Signatures

Files

SecuriteInfo.com.Trojan-Dropper.Win32.Small.7432.18534.exe
.exe windows x64

b35f5f37c72fdd60140b8862a1cb983d

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

04-12-2003 00:00

Not After

03-12-2008 23:59

Subject

CN=VeriSign Time Stamping Services Signer,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16-07-2004 00:00

Not After

15-07-2014 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

75:c1:a7:98:b8:75:89:43:35:c7:8c:dd:bf:05:cb:ff
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

02-02-2006 00:00

Not After

04-04-2007 23:59

Subject

CN=Sysinternals,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Headquarters,O=Sysinternals,L=Austin,ST=Texas,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

gethostbyaddr
gethostname
getservbyport
WSAStartup
htons
ntohs
ntohl
htonl

mpr

WNetGetConnectionA

comctl32

ImageList_Create
ord17
PropertySheetA
ord6
CreatePropertySheetPageA
CreateToolbarEx
InitCommonControlsEx
ImageList_ReplaceIcon

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

kernel32

FindClose
FindFirstFileA
SetEnvironmentVariableA
WaitForSingleObject
CreateProcessA
GlobalUnlock
GlobalAlloc
GlobalLock
GlobalReAlloc
SetProcessWorkingSetSize
CreateEventA
GetLocaleInfoA
FormatMessageA
OutputDebugStringA
Sleep
TerminateProcess
DeviceIoControl
GetDriveTypeA
IsWow64Process
GetCurrentDirectoryA
GetFileTime
GetExitCodeThread
TerminateThread
GlobalMemoryStatus
DuplicateHandle
GetProcessAffinityMask
DeleteFileA
VirtualFree
VirtualAlloc
GetPriorityClass
GetThreadContext
MultiByteToWideChar
GetCommandLineW
GetSystemInfo
FatalAppExitA
QueryPerformanceCounter
GetEnvironmentStringsW
SetPriorityClass
GetEnvironmentStrings
FreeEnvironmentStringsA
GetFileType
SetHandleCount
HeapSize
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
FlsAlloc
GetCurrentThread
TlsSetValue
FlsFree
TlsFree
FlsSetValue
TlsAlloc
FlsGetValue
GetOEMCP
GetACP
GetCPInfo
RtlPcToFileHeader
RaiseException
RtlCaptureContext
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapDestroy
HeapCreate
HeapSetInformation
GetStdHandle
WriteFile
ExitProcess
GetStartupInfoA
GetVersionExA
GetCommandLineA
GetCurrentThreadId
RtlUnwindEx
RtlLookupFunctionEntry
HeapReAlloc
CreateThread
ResumeThread
ExitThread
GetCurrentProcessId
SetErrorMode
FreeLibrary
GetUserDefaultLCID
EnumSystemLocalesA
WaitForMultipleObjects
PulseEvent
CreateFileMappingA
MapViewOfFile
IsBadReadPtr
UnmapViewOfFile
__C_specific_handler
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
OpenProcess
VirtualQueryEx
ReadProcessMemory
GetSystemDirectoryA
lstrcpynA
WideCharToMultiByte
GetNumberFormatA
GetFileAttributesA
SearchPathA
ExpandEnvironmentStringsA
MulDiv
GetEnvironmentVariableA
lstrcmpiA
lstrcmpA
SetEvent
GetDateFormatA
GetProcessHeap
HeapAlloc
lstrcpyA
HeapFree
lstrcatA
GetTickCount
GetVersion
LoadLibraryA
GetModuleHandleA
GetProcAddress
SetLastError
CreateFileA
FindResourceA
LoadResource
SizeofResource
LockResource
GetCurrentProcess
IsValidLocale
IsValidCodePage
SetStdHandle
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CloseHandle
IsBadStringPtrA
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetTimeFormatA
EnterCriticalSection
LeaveCriticalSection
GetLastError
LocalFree
LocalAlloc
GetModuleFileNameA
GetLocaleInfoW
GetTimeZoneInformation
SetEndOfFile
CompareStringA
CompareStringW
lstrlenW
FreeEnvironmentStringsW
SetConsoleCtrlHandler

user32

EnumWindows
RegisterWindowMessageA
LoadBitmapA
SetMenuItemBitmaps
CreateMenu
RemoveMenu
DrawMenuBar
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ExitWindowsEx
RedrawWindow
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
IsDialogMessageA
TranslateMessage
DispatchMessageA
CreateDialogParamA
GetDlgItemTextA
CheckMenuItem
PostQuitMessage
LoadMenuA
InsertMenuA
TrackPopupMenu
DrawEdge
DrawFrameControl
BeginDeferWindowPos
EnumChildWindows
EndDeferWindowPos
OffsetRect
UnionRect
GetClassNameA
DeferWindowPos
wsprintfA
SetPropA
IsZoomed
GetDlgCtrlID
SetForegroundWindow
GetDesktopWindow
FindWindowExA
GetWindowThreadProcessId
IsIconic
GetWindowDC
SetClassLongA
GetWindowLongA
GetWindowTextA
IntersectRect
ShowScrollBar
CallWindowProcA
FrameRect
FillRect
DrawIconEx
DeleteMenu
GetCapture
ReleaseCapture
SetCapture
EnableWindow
CheckDlgButton
IsDlgButtonChecked
GetWindowPlacement
ModifyMenuA
CreatePopupMenu
AppendMenuA
TrackPopupMenuEx
GetMenu
GetSubMenu
GetMenuItemCount
GetMenuItemID
EnableMenuItem
GetPropA
DestroyIcon
GetDoubleClickTime
ScreenToClient
SystemParametersInfoA
InvalidateRgn
MessageBoxA
SendMessageTimeoutA
GetWindow
GetUserObjectSecurity
PeekMessageA
MsgWaitForMultipleObjects
CheckRadioButton
GetKeyState
GetMenuCheckMarkDimensions
SetUserObjectSecurity
SetFocus
SetTimer
GetCursorPos
PtInRect
WindowFromPoint
KillTimer
LoadStringA
FindWindowA
PostMessageA
LoadIconA
LoadImageA
RegisterClassExA
RegisterClassA
SetWindowPlacement
UpdateWindow
DialogBoxIndirectParamA
SetWindowTextA
InflateRect
SendMessageA
DefFrameProcA
DefMDIChildProcA
DefDlgProcA
GetWindowLongPtrA
ShowWindow
ClientToScreen
GetSystemMetrics
SetWindowPos
BeginPaint
EndPaint
DefWindowProcA
SetWindowLongPtrA
GetClientRect
CreateIconIndirect
MapWindowPoints
DestroyWindow
CreateWindowExA
GetParent
IsWindowVisible
GetFocus
DrawTextA
GetDC
ReleaseDC
DialogBoxParamA
EndDialog
ChildWindowFromPoint
GetDlgItem
InvalidateRect
SetCursor
GetSysColorBrush
GetSysColor
GetWindowRect
MoveWindow
SetDlgItemTextA
LoadCursorA
SetWindowLongA

gdi32

Rectangle
RestoreDC
CreateCompatibleBitmap
SetTextAlign
ExtTextOutA
CreatePen
CreateSolidBrush
GetDeviceCaps
SetMapMode
StartDocA
SetBkColor
SetROP2
SaveDC
StretchBlt
LineTo
MoveToEx
GetTextMetricsA
GetTextExtentPoint32A
CreateCompatibleDC
DeleteDC
StartPage
EndPage
DeleteObject
SetBkMode
SetTextColor
SelectObject
GetStockObject
GetObjectA
CreateFontIndirectA
BitBlt
CreateDIBSection
EndDoc

comdlg32

PrintDlgA
ChooseFontA
GetOpenFileNameA
ChooseColorA
GetSaveFileNameA
FindTextA

advapi32

MapGenericMask
LookupPrivilegeNameA
IsValidSecurityDescriptor
SetKernelObjectSecurity
GetKernelObjectSecurity
OpenSCManagerA
QueryServiceStatus
CloseServiceHandle
StartServiceA
ControlService
CreateProcessAsUserA
RegConnectRegistryA
AllocateAndInitializeSid
FreeSid
LookupPrivilegeValueW
GetTokenInformation
IsValidSid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
EqualSid
LookupAccountSidA
GetLengthSid
CopySid
RegEnumValueA
OpenServiceA
QueryServiceConfigA
RegOpenKeyA
RegCreateKeyExA
RegDeleteValueA
RegCreateKeyA
RegSetValueExA
RegDeleteKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
QueryServiceObjectSecurity
SetServiceObjectSecurity
RegCloseKey

shell32

SHGetFileInfoA
ShellExecuteExA
SHGetMalloc
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA
ShellExecuteA
CommandLineToArgvW

ole32

CoInitialize
CoCreateInstance

oleaut32

SysFreeString
VariantClear
SysAllocString
GetErrorInfo
VariantChangeType
VariantInit
SetErrorInfo
CreateErrorInfo

Sections

.text
Size: 584KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 205KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b35f5f37c72fdd60140b8862a1cb983d

Code Sign

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

75:c1:a7:98:b8:75:89:43:35:c7:8c:dd:bf:05:cb:ffCertificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

mpr

comctl32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 584KB - Virtual size: 584KB

.rdata Size: 205KB - Virtual size: 205KB

.data Size: 24KB - Virtual size: 144KB

.pdata Size: 27KB - Virtual size: 27KB

.rsrc Size: 162KB - Virtual size: 162KB

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

0d:e9:2b:f0:d4:d8:29:88:18:32:05:09:5e:9a:76:88
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

75:c1:a7:98:b8:75:89:43:35:c7:8c:dd:bf:05:cb:ff
Certificate

.text
Size: 584KB - Virtual size: 584KB

.rdata
Size: 205KB - Virtual size: 205KB

.data
Size: 24KB - Virtual size: 144KB

.pdata
Size: 27KB - Virtual size: 27KB

.rsrc
Size: 162KB - Virtual size: 162KB