Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Win32.InjectorX-gen.30566.27452.exe
Resource: win7-20231023-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Win32.InjectorX-gen.30566.27452.exe
Resource: win10v2004-20231023-en
General
Target: SecuriteInfo.com.Win32.InjectorX-gen.30566.27452.exe
Size: 163KB
MD5: 4b0a82dc47565ead19950288805f43e2
SHA1: 3f32f653f674d85cd024ec236383e19686f4e541
SHA256: f0f8649135af4815cf441bd553124b2f422d39667dcb7d0f476a9cc5a871767d
SHA512: d193eed1103e89ac946d8b00984964132fffd331f8dde12bb17b249252b24b82d4acd35134c4ccd68ef2ccf6509febb3c4eef33856a92c66cd3109c174766153
SSDEEP: 3072:cysS3L3kfHEdvOtJuWDPQC2N0PCSJF91i0Rz0PaOfFPgL4rIONE90Wg:c1QF2hDPaKPTF/ntIa1pk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Win32.InjectorX-gen.30566.27452.exe
Files
SecuriteInfo.com.Win32.InjectorX-gen.30566.27452.exe.exe windows:6 windows x86
5a23357764f0c833dcd1a07cf87f8149
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathIsDirectoryA
PathAddBackslashW
SHRegEnumUSKeyW
UrlGetLocationW
StrNCatA
kernel32
GetCurrentProcessId
WriteConsoleW
HeapSize
CreateFileW
SetStdHandle
HeapAlloc
GetProcessHeap
Sleep
GetProcAddress
LoadLibraryA
EnumSystemCodePagesW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
HeapFree
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
WriteFile
GetStdHandle
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
QueryPerformanceCounter
SetEndOfFile
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
mswsock
EnumProtocolsA
EnumProtocolsW
WSARecvEx
AcceptEx
SetServiceA
GetAddressByNameA
rcmd
getnetbyname
rexec
user32
CharUpperA
UserHandleGrantAccess
CreateIconFromResourceEx
mouse_event
DdeSetQualityOfService
wsock32
WSAStartup
WSASetBlockingHook
getprotobynumber
msacm32
acmFilterChooseW
acmFilterEnumA
acmStreamUnprepareHeader
acmStreamConvert
acmFormatTagEnumA
acmDriverAddW
acmDriverOpen
acmFormatEnumW
acmGetVersion
acmMetrics
ole32
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
VariantInit
SysAllocString
Sections
.text Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE