Static task: static1
Behavioral task: behavioral1
  Sample: SecuriteInfo.com.BackDoor.BlackHole.55951.25738.exe
  Resource: win7-20230831-en
Behavioral task: behavioral2
  Sample: SecuriteInfo.com.BackDoor.BlackHole.55951.25738.exe
  Resource: win10v2004-20230915-en
General
  Target: SecuriteInfo.com.BackDoor.BlackHole.55951.25738.15896
  Size: 1.1MB
  MD5: ec83b4eabdee9d3e7d3d2c04c874d1b8
  SHA1: dcf9c858a5244ae1528d334f6a2e2ad98709548a
  SHA256: d84acd554675283504bdd27f2c36ee8dbd09dd89d3dff7f139eadcf186c3626d
  SHA512: 84629912ca15fdb62db66c487c97ec1967b696466660e848acbb37633fca627a6d370f9120797607612c435b0c954553bd1faa4d94e823ffb0651f90e09a6586
  SSDEEP: 6144:mPoUFAPxD/QdjRjk4kHjsAErxqGnxp8Ny8OYkHMNyV5IhCU/5+ZL5OlVsJb1lHY+:mPoUsDMdMPErx9UNQ0CUs1OnEstY
Malware Config
Signatures
Unsigned PE (1 IoC)
  Checks for missing Authenticode signature.
  Resource: SecuriteInfo.com.BackDoor.BlackHole.55951.25738.15896
Files
SecuriteInfo.com.BackDoor.BlackHole.55951.25738.15896.exe windows:4 windows x86
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 524KB - Virtual size: 524KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rdata Size: 88KB - Virtual size: 88KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.data Size: 232KB - Virtual size: 232KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 24KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.aspack Size: 12KB - Virtual size: 12KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.adata Size: 4KB - Virtual size: 4KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.snaker Size: 8KB - Virtual size: 8KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE