SecuriteInfo[.]com[.]Variant[.]Zusy[.]447907[.]10461[.]8539[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Zusy.447907.10461.8539.exe
Size

50KB
MD5

eef5af80881e0f57211a8e68fb54e4e4
SHA1

31a8ce948b626ffd6508342bacd34b0e926a2a96
SHA256

65c3a8b45f08392ea275ac035ebebc75f4b8032b5781d748185d528b32a3e2d4
SHA512

6763c8813d4f05d2e87059890d8e87ac19521200acefc10ba0289496693c230f9c086b9ca0a9c600f7e4076ed7de208b6f55fbb4c68f562ec2ab76398a4938d2
SSDEEP

768:Nh1VzJWGSDi3MRUlUyd58bYdREeW6Yeq4ReXkz/QGuNKBW7MdTJ:PkGSDiQWz3jRB7QGXHJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Variant.Zusy.447907.10461.8539.exe

Files

SecuriteInfo.com.Variant.Zusy.447907.10461.8539.exe
.exe windows x86

66508cfbf8a3550adad13f7a52bc266c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetRegisterWordStyleW
ImmDisableIME
ImmSetCompositionStringW
ImmSetStatusWindowPos
ImmGetHotKey

kernel32

GetModuleHandleW
GetProcAddress
LCMapStringEx
HeapSize
GetStringTypeW
SetEndOfFile
WriteConsoleW
HeapReAlloc
HeapAlloc
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
CloseHandle
CreateFileW
GetConsoleCP
WideCharToMultiByte
FlushFileBuffers
SetStdHandle
Sleep
HeapFree
TerminateProcess
GetCurrentProcess
ReadFile
GetCommandLineW
IsDebuggerPresent
EncodePointer
DecodePointer
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
GetLastError
MultiByteToWideChar
GetConsoleMode
ReadConsoleW
SetFilePointer
SetFilePointerEx
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
RtlUnwind
SetLastError
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
ExitProcess
GetModuleHandleExW
WriteFile
GetModuleFileNameW
GetProcessHeap
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree

ole32

HBRUSH_UserFree
HMENU_UserFree
HMETAFILEPICT_UserSize
GetRunningObjectTable
HBITMAP_UserMarshal
OleInitialize
RegisterDragDrop
HWND_UserUnmarshal
OleConvertIStorageToOLESTREAM

msi

ord144
ord150
ord97
ord70
ord151
ord130
ord20
ord112
ord52

pdh

PdhEnumMachinesW
PdhGetLogFileSize
PdhUpdateLogA
PdhGetDefaultPerfCounterA
PdhCalculateCounterFromRawValue

mscms

SetColorProfileElementReference
AssociateColorProfileWithDeviceW
UninstallColorProfileW
SetColorProfileElementSize
IsColorProfileTagPresent
SetStandardColorSpaceProfileA
GetColorDirectoryW

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66508cfbf8a3550adad13f7a52bc266c

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

ole32

msi

pdh

mscms

Sections

.text Size: 34KB - Virtual size: 34KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 34KB - Virtual size: 34KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 512B - Virtual size: 480B