SecuriteInfo[.]com[.]FileRepMetagen[.]11876[.]3709

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.FileRepMetagen.11876.3709
Size

1.7MB
MD5

aa3d4b76c880ebae6f66305d6e7140e4
SHA1

aae329425c4dcb425e30896e36cf0917a22aa487
SHA256

850bacc0640ddc09d8f3a64a586b5e31f69c38a1d4028e8dd3151cb01bba89d2
SHA512

91e7252e22d243c013f1fc4f6e633627734210588b129bfe517d1dc3d46c1e1e5363b6722eb34a71986accd4b845433e18992e843001f22661f24a816c28b7a9
SSDEEP

49152:gJXbYWGHzMdCY0AsdAFOB5iJfqUquW+CzaB+:SNGwdaAIAFqfPL7zr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.FileRepMetagen.11876.3709

Files

SecuriteInfo.com.FileRepMetagen.11876.3709
.exe windows x86

f096c876f8f48c83f5ef66b228d62ddc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32 kernel32

CoCreateInstance ��

kernel32

FreeResource
GlobalUnlock
GlobalLock
GlobalAlloc
LockResource
FindResourceW
GetModuleHandleW
GlobalFree
GetProcAddress
GetCurrentThreadId
GetLastError
InterlockedIncrement
lstrcmpiW
lstrlenA
DebugBreak
OutputDebugStringW
SetLastError
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
LoadLibraryW
VirtualAlloc
GetFileSize
GetSystemDirectoryA
VirtualAllocEx
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcess
GetTickCount
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
LCMapStringW
WideCharToMultiByte
LCMapStringA
HeapSize
GetModuleFileNameA
GetStdHandle
WriteFile
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
IsValidCodePage
GetOEMCP
GetCPInfo
GetStartupInfoW
RtlUnwind
HeapReAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcessHeap
HeapFree
FlushInstructionCache
VirtualProtectEx
VirtualFreeEx
Module32FirstW
Module32NextW
OpenProcess
ReadProcessMemory
WaitForSingleObject
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
WriteProcessMemory
MultiByteToWideChar
lstrlenW
InterlockedDecrement
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
SizeofResource
LoadResource
FindResourceA
SetFilePointer
InterlockedCompareExchange
GetVersionExA
ReadFile
CreateFileA
Sleep
HeapDestroy
HeapCreate
HeapAlloc
SetThreadPriority
CreateThread
CloseHandle
GetCurrentProcessId

user32

GetTopWindow
FindWindowW
SetWindowLongW
ShowWindow
LoadStringW
DispatchMessageW
TranslateMessage
GetMessageW
PeekMessageW
CharNextW
DefWindowProcW
DestroyWindow
GetWindowLongW
GetParent
PostMessageW
HideCaret
CallWindowProcW
GetCursor
LoadCursorW
SystemParametersInfoW
CreateDialogParamW
CreateWindowExW
GetMenu
SetWindowPos
GetWindowRect
GetClientRect
ClientToScreen
UpdateWindow
InvalidateRect
GetWindowThreadProcessId
GetWindow
SendMessageW
GetForegroundWindow
PostQuitMessage
DrawTextW
FillRect
LoadImageW
MapWindowPoints
IsDialogMessageW
MessageBoxW
SetDlgItemTextW
IsWindowVisible
ReleaseDC
GetDC
LoadBitmapW
SetWindowRgn
GetDlgItem
ScreenToClient
GetWindowTextLengthW
SetFocus
EndPaint
BeginPaint
GetSystemMetrics
InflateRect
PtInRect
DrawEdge
DrawFocusRect
ReleaseCapture
GetCapture
IsWindow
AdjustWindowRectEx
GetDlgCtrlID
SetCapture
IsWindowEnabled
KillTimer
SetTimer
UnregisterClassA

gdi32

BitBlt
CreateCompatibleBitmap
SetViewportOrgEx
SelectObject
CreateCompatibleDC
CreateFontW
SetTextColor
SetBkMode
GetStockObject
CreateRoundRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
TextOutW

advapi32

RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegCloseKey

shell32

Shell_NotifyIconW
ShellExecuteW

ole32

CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CoTaskMemAlloc

oleaut32

VarUI4FromStr

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_Create
_TrackMouseEvent
ImageList_Draw
ImageList_GetIconSize
InitCommonControlsEx

gdiplus

GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDrawImageRect
GdipReleaseDC
GdipCreateFromHDC
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipDeleteGraphics
GdipAlloc
GdipFree

winmm

PlaySoundW
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutPrepareHeader
waveOutOpen
waveOutGetPosition
waveOutClose

dinput8

DirectInput8Create

Sections

.text
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f096c876f8f48c83f5ef66b228d62ddc

Headers

File Characteristics

Imports

ole32 kernel32

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

gdiplus

winmm

dinput8

Sections

.text Size: 360KB - Virtual size: 360KB

.sedata Size: 1.3MB - Virtual size: 1.3MB

.idata Size: 20KB - Virtual size: 20KB

.rsrc Size: 20KB - Virtual size: 20KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 360KB - Virtual size: 360KB

.sedata
Size: 1.3MB - Virtual size: 1.3MB

.idata
Size: 20KB - Virtual size: 20KB

.rsrc
Size: 20KB - Virtual size: 20KB

.sedata
Size: 4KB - Virtual size: 4KB