SecuriteInfo[.]com[.]W32[.]Kryptik[.]KRH[.]gen[.]Eldorado[.]23235[.]15620[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.Kryptik.KRH.gen.Eldorado.23235.15620.exe
Size

246KB
MD5

867cb2cb53abd972e5a9e331ed868152
SHA1

8ec9fb9d78d6f5112717b1a61542376d95aa587d
SHA256

ee7042c2f270f30b2b966f6b74fc0b73688201f7383b0c939724fc8e8a0ba330
SHA512

65e1837e82023a0404a16e588f75ba18243c398776cb13a1f4ca4f5a77d20503e9bd80a6f821a44997177f8f74039cc34bc450efb0d9db62ca723633870f5f43
SSDEEP

3072:FsziyUEakLF2ZQzd48XgORVpaBE2kjZtNldxmFVe:SUEakAGdXwqjaBDAZ7xm7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.W32.Kryptik.KRH.gen.Eldorado.23235.15620.exe

Files

SecuriteInfo.com.W32.Kryptik.KRH.gen.Eldorado.23235.15620.exe
.exe windows x86

3f06506eee90c0a3a305eaa9c4f190ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasExesA
MoveFileExA
ReadConsoleA
InterlockedDecrement
SetDefaultCommConfigW
GetEnvironmentStringsW
GetUserDefaultLCID
SetConsoleScreenBufferSize
AddConsoleAliasW
SetVolumeMountPointW
GetComputerNameW
GetModuleHandleW
GetCommConfig
GetConsoleAliasesLengthA
GetDriveTypeA
GetEnvironmentStrings
GetPrivateProfileIntA
LoadLibraryW
TerminateThread
ReadConsoleInputA
CopyFileW
SetConsoleCP
EnumSystemCodePagesA
LocalReAlloc
GetACP
GetVolumePathNameA
CreateMailslotW
FindFirstFileW
CreateJobObjectA
GetNamedPipeHandleStateW
GetStartupInfoA
FindFirstFileA
GetLastError
GetCurrentDirectoryW
RemoveDirectoryA
GetProcessVersion
LoadLibraryA
LocalAlloc
GetFileType
FindNextFileA
EnumDateFormatsA
SetLocaleInfoW
FreeEnvironmentStringsW
FindNextFileW
VirtualProtect
PurgeComm
FatalAppExitA
GetShortPathNameW
FindFirstVolumeA
ReadConsoleInputW
FindAtomW
GetWindowsDirectoryW
EnumSystemLocalesW
CreateFileW
CloseHandle
SetInformationJobObject
GetPrivateProfileSectionNamesW
DisconnectNamedPipe
GetCommandLineW
WriteConsoleW
MoveFileA
HeapFree
HeapAlloc
EncodePointer
DecodePointer
HeapSetInformation
GetStartupInfoW
HeapCreate
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
Sleep
HeapSize
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
GetCPInfo
GetOEMCP
IsValidCodePage
WideCharToMultiByte
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
IsProcessorFeaturePresent
LCMapStringW
MultiByteToWideChar
GetStringTypeW
RaiseException

user32

CharUpperW

gdi32

SelectPalette
GetTextFaceW
GetCharWidthA

shell32

DragFinish

Sections

.text
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f06506eee90c0a3a305eaa9c4f190ff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 212KB - Virtual size: 212KB

.data Size: 17KB - Virtual size: 2.8MB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 212KB - Virtual size: 212KB

.data
Size: 17KB - Virtual size: 2.8MB

.rsrc
Size: 16KB - Virtual size: 15KB