Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.MulDrop6.41499.23436.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.MulDrop6.41499.23436.exe
Resource
win10v2004-20230915-en
General
Target
SecuriteInfo.com.Trojan.MulDrop6.41499.23436.14776
Size
256KB
MD5
afd310760edb83162135791633b44d1b
SHA1
e6c553bf770dc43d47929bb96316f5d4df3c4bfa
SHA256
1dcf30737ac12880bd355009211689736e629284a4d8a6797c66757314003e9a
SHA512
b56ecb895be724e68155ba281381be5a5690d15fac620dc5ad9ef24cbe08a7a3c0b8d0f7e0bbe8448754dbaf586b655a1bdd4481c13690a894abf67ab82fac9c
SSDEEP
3072:TTRCGvrDmrN28JQsjEq728TgK3PYrCb+NThzl4f6BYFO+3uRLV/cB6JUHcPB554T:T1XvXq5jIRog38B6WHu/cT4B5gP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Trojan.MulDrop6.41499.23436.14776
Files
SecuriteInfo.com.Trojan.MulDrop6.41499.23436.14776.exe windows:4 windows x86
f78c00be23c6254967bb8d80c0ad6190
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
user32
GetDC
gdi32
EndDoc
winmm
waveOutOpen
winspool.drv
ClosePrinter
advapi32
RegCloseKey
shell32
ShellExecuteA
ole32
OleInitialize
oleaut32
UnRegisterTypeLi
comctl32
ord17
ws2_32
recvfrom
wldap32
ord29
comdlg32
ChooseColorA
Sections
.MPRESS1 Size: 245KB - Virtual size: 756KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE