SecuriteInfo[.]com[.]Trojan[.]Win32[.]Filecoder[.]13333[.]387 | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.Win32.Filecoder.13333.387
Size

85KB
MD5

64b304c1cfa305f85b3e5ab9e518c700
SHA1

2791b6bafd4c912eb45724219319ce1482b8728f
SHA256

be8e3129f456f6b04a85c2f442c5fc785b8b0b8c6a54deaa5d21bfe23ba34d66
SHA512

2b397a56f5ee57dd45bbbd907d2a9532b794f0da9f3d0498ef9d0253f2d1c447fe70ee256d436064d196964c43f301cf45cb9932d8915e59608d42222622e7dc
SSDEEP

1536:z1cKiKFglTYNU2iQST8I0rjYj92PtqCZMR5kdnu/V9dk/Eu5:xc1KdUe7jYj9MtqCZC5kdnu/u8u5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Win32.Filecoder.13333.387

Files

SecuriteInfo.com.Trojan.Win32.Filecoder.13333.387
.exe windows:5 windows x86

71dc5d3df7e59e82a875d9991fc14f75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

SetCursor

gdi32

CreateFontIndirectW

comdlg32

GetOpenFileNameW

advapi32

RegOpenKeyExW

shell32

SHBrowseForFolderW

ole32

CoTaskMemRealloc

oleaut32

VarUI4FromStr

shlwapi

PathFileExistsW

comctl32

_TrackMouseEvent

Sections

.text
Size: 66KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE