SecuriteInfo[.]com[.]BScope[.]Trojan[.]Download[.]24464[.]15417

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.BScope.Trojan.Download.24464.15417
Size

387KB
MD5

6a53167cc1fc4cf1c68f592f9e5a428f
SHA1

72b552ae5fbc2278e2f6b46a8f0b8f76c6885a2e
SHA256

1baba422186830060f5297738ee0bf24b8f1fb4415f801a85446d27fda919e06
SHA512

c3558570bf414bf029c51ad1e365903c7a8d7c82c29121418d58829efc414bf641c1895246068de579ab131e1ba54dc765267214c744463ef8d32d62c67a38e1
SSDEEP

6144:guKBkP1+K0Jag6uxMaThEARBVET3hmRZ9T9ZXC+Udz7ADNl/A:0koKFTuKaTq7ccdgDNl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.BScope.Trojan.Download.24464.15417

Files

SecuriteInfo.com.BScope.Trojan.Download.24464.15417
.exe windows x86

05fe417a68e8a3debae496838ce8b937

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

PeekNamedPipe
WriteFile
GetSystemInfo
GetVersionExA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
WriteProcessMemory
ReadProcessMemory
WaitForSingleObject
SetFileTime
MoveFileA
CopyFileA
SetSystemPowerState
SizeofResource
LockResource
LoadResource
FindResourceA
EnumResourceNamesA
WideCharToMultiByte
CompareStringA
RaiseException
SetEndOfFile
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
CreatePipe
LCMapStringW
LCMapStringA
GetFileType
SetHandleCount
FlushFileBuffers
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
UnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
HeapSize
HeapReAlloc
DeleteCriticalSection
InitializeCriticalSection
SetLastError
TlsAlloc
GetVersion
GetCommandLineA
GetStartupInfoA
GetSystemTimeAsFileTime
ExitProcess
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
HeapFree
ExitThread
TlsGetValue
TlsSetValue
CreateThread
ResumeThread
GetSystemTime
GetTimeZoneInformation
RtlUnwind
GetTempFileNameA
GetCurrentProcess
DuplicateHandle
GetStdHandle
CreateProcessA
OpenProcess
TerminateProcess
GetComputerNameA
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetCurrentProcessId
Beep
GlobalMemoryStatus
QueryPerformanceFrequency
QueryPerformanceCounter
GetCurrentThreadId
GetFileSize
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
SetEnvironmentVariableA
GetEnvironmentVariableA
WritePrivateProfileSectionA
GetShortPathNameA
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
DeviceIoControl
RemoveDirectoryA
DeleteFileA
SetVolumeLabelA
GetVolumeInformationA
GetModuleHandleA
GetDiskFreeSpaceA
SetErrorMode
GetDriveTypeA
MultiByteToWideChar
FindNextFileA
GetLocalTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryA
SetCurrentDirectoryA
FindFirstFileA
FileTimeToLocalFileTime
FileTimeToSystemTime
ReadFile
SetFilePointer
CreateFileA
GetPrivateProfileSectionNamesA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetExitCodeProcess
GetFullPathNameA
GetLastError
FormatMessageA
FreeLibrary
FindClose
LoadLibraryA
GetProcAddress
lstrcmpiA
CloseHandle
Sleep
InterlockedDecrement
FreeEnvironmentStringsA
InterlockedIncrement
CompareStringW

user32

GetSystemMetrics
SetClassLongA
GetSysColor
SetCursor
PtInRect
MessageBeep
GetKeyState
TrackPopupMenuEx
SetCapture
UnregisterHotKey
DestroyWindow
MessageBoxA
GetMenuItemInfoA
CheckMenuRadioItem
ReleaseCapture
LoadImageA
IsDialogMessageA
InvalidateRect
KillTimer
PostQuitMessage
SetTimer
RegisterWindowMessageA
CreatePopupMenu
DefWindowProcA
GetSysColorBrush
LoadIconA
RegisterClassExA
DestroyIcon
FlashWindow
SetWindowLongA
FindWindowA
GetActiveWindow
CharNextA
wsprintfA
IsMenu
RedrawWindow
DrawMenuBar
SetMenuItemInfoA
DeleteMenu
DestroyMenu
SetMenu
DefDlgProcA
CreateMenu
LoadStringA
DispatchMessageA
TranslateMessage
PeekMessageA
SetMenuDefaultItem
LockWindowUpdate
SendMessageA
CharLowerBuffA
CharUpperA
IsWindow
SetWindowTextA
GetWindowTextA
SendMessageTimeoutA
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
ReleaseDC
GetDC
GetCursorPos
InsertMenuItemA
EndPaint
BeginPaint
CopyRect
SendDlgItemMessageA
GetDlgItem
EndDialog
DialogBoxParamA
VkKeyScanA
GetKeyboardLayoutNameA
keybd_event
GetAsyncKeyState
EnumThreadWindows
SetKeyboardState
GetKeyboardState
mouse_event
GetWindowRect
GetDesktopWindow
ShowWindow
MoveWindow
SetWindowPos
CopyImage
GetClientRect
CreateWindowExA
AdjustWindowRectEx
SetRect
SystemParametersInfoA
GetCursor
AttachThreadInput
GetWindowThreadProcessId
WindowFromPoint
LoadCursorA
RegisterHotKey
ClientToScreen
GetForegroundWindow
CharUpperBuffA
IsCharAlphaA
IsCharAlphaNumericA
IsCharLowerA
IsCharUpperA
EnumChildWindows
EnumWindows
GetClassNameA
IsWindowVisible
EnableWindow
GetWindowLongA
IsIconic
IsZoomed
GetCaretPos
GetFocus
GetMenu
GetMenuItemCount
GetMenuStringA
GetMenuItemID
GetSubMenu
IsWindowEnabled
MapVirtualKeyA
SetForegroundWindow
CreateIconFromResourceEx
CreateIcon
GetMessageA
GetParent
ScreenToClient
SetActiveWindow
SetFocus
GetDlgCtrlID
PostMessageA
ExitWindowsEx

gdi32

PolyBezierTo
ExtCreatePen
GetTextExtentPoint32A
StrokeAndFillPath
EndPath
StrokePath
MoveToEx
AngleArc
LineTo
CloseFigure
Ellipse
SetPixel
BeginPath
PolyDraw
SetViewportOrgEx
Rectangle
GetObjectA
SetTextColor
SetBkMode
CreateSolidBrush
SetBkColor
CreateDCA
GetStockObject
GetTextFaceA
GetDeviceCaps
CreateFontA
CreateCompatibleDC
CreateDIBSection
SelectObject
BitBlt
GetDIBits
DeleteObject
GetPixel
DeleteDC

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegEnumValueA
UnlockServiceDatabase
LockServiceDatabase
OpenSCManagerA
RegCloseKey
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegConnectRegistryA
GetUserNameA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
CloseServiceHandle
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA

shell32

ExtractIconA
DragQueryPoint
DragFinish
Shell_NotifyIconA
DragQueryFileA
SHFileOperationA
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA
ExtractIconExA

ole32

StringFromCLSID
CoInitializeSecurity
CoCreateInstanceEx
CoSetProxyBlanket
OleInitialize
OleUninitialize
CreateBindCtx
MkParseDisplayName
OleSetMenuDescriptor
StringFromIID
CLSIDFromString
IIDFromString
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromProgID
OleSetContainedObject

oleaut32

GetActiveObject
SysAllocString
SafeArrayAllocDescriptorEx
SafeArrayAllocData
SafeArrayDestroyData
SafeArrayDestroyDescriptor
OleLoadPicture
VariantTimeToSystemTime
VarR4FromDec
SafeArrayAccessData
SafeArrayUnaccessData
VariantClear
VariantCopy
VariantInit
LoadRegTypeLi

winmm

timeGetTime
mciSendStringA
waveOutSetVolume

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

wsock32

htons
connect
closesocket
send
select
__WSAFDIsSet
recv
WSAGetLastError
inet_addr
WSAStartup
ioctlsocket
gethostbyname
WSACleanup
socket
listen
bind
accept
sendto
ntohs
recvfrom
gethostname

comctl32

ImageList_ReplaceIcon
ImageList_Create
InitCommonControlsEx
ImageList_DragMove
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragEnter
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_Destroy
ImageList_Remove

mpr

WNetAddConnection2A
WNetGetConnectionA
WNetCancelConnection2A
WNetUseConnectionA

Sections

.text
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05fe417a68e8a3debae496838ce8b937

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

winmm

version

wsock32

comctl32

mpr

Sections

.text Size: 316KB - Virtual size: 316KB

.rdata Size: 14KB - Virtual size: 13KB

.data Size: 31KB - Virtual size: 107KB

.idata Size: 10KB - Virtual size: 10KB

.rsrc Size: 14KB - Virtual size: 13KB

.text
Size: 316KB - Virtual size: 316KB

.rdata
Size: 14KB - Virtual size: 13KB

.data
Size: 31KB - Virtual size: 107KB

.idata
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 14KB - Virtual size: 13KB