Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Win32.TrojanX-gen.23440.3125.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Win32.TrojanX-gen.23440.3125.exe
Resource: win10v2004-20230915-en
General
Target: SecuriteInfo.com.Win32.TrojanX-gen.23440.3125.exe
Size: 152KB
MD5: 42ad8bf5b54e4f464c4d6e6a00b9742c
SHA1: 1546b05015d0304076b5c16ffc2769e810663132
SHA256: b8824669a491f652a71ffc86c54eacb82b81cc685776800057b48eec8ad762cc
SHA512: ca94ffdcf8b2057663428864318086f0e7d56e1c2fcc3141b71d909181195192ae1d325040f752c80f5efcf674f78f9f0d84710e95f7313b418bd93f635c6345
SSDEEP: 3072:zympNyqIpxBHPbtk7MsFzpHNb+7Nc09Z9geuHUj:zymbCxhtOFzLh2
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: SecuriteInfo.com.Win32.TrojanX-gen.23440.3125.exe
Files
SecuriteInfo.com.Win32.TrojanX-gen.23440.3125.exe.exe windows:6 windows x86
08df1a54a46b580009d36cecf85d9890
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LoadLibraryExW
SetFilePointerEx
ReadFile
GetConsoleMode
WriteConsoleW
FlushFileBuffers
OutputDebugStringW
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
WriteFile
ReadConsoleW
CreateFileW
CloseHandle
SetStdHandle
EnumTimeFormatsW
GetProcAddress
GetConsoleCP
GetModuleHandleA
GetModuleFileNameW
GetFileType
GetStdHandle
IsDebuggerPresent
GetProcessHeap
GetCurrentThreadId
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
RaiseException
RtlUnwind
GetCommandLineW
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsProcessorFeaturePresent
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
IsValidCodePage
GetACP
GetOEMCP
crypt32
CryptMsgControl
ole32
HBITMAP_UserFree
OleDestroyMenuDescriptor
OleCreate
OleGetClipboard
OleLockRunning
HMETAFILE_UserUnmarshal
OleRun
oleaut32
VarR8FromUI4
VarAbs
VarXor
VarFormatNumber
VarDecDiv
mapi32
ord143
ord24
ord183
ord26
ord138
ord128
ord123
comdlg32
GetOpenFileNameW
PrintDlgExA
GetOpenFileNameA
FindTextW
ChooseColorA
PrintDlgExW
ChooseColorW
CommDlgExtendedError
wsock32
getservbyport
WSACancelBlockingCall
ord1114
WSASetLastError
sendto
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE