Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.InjectorX-gen.25801.7286.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.InjectorX-gen.25801.7286.exe
Resource
win10v2004-20231023-en
General
Target
SecuriteInfo.com.Win32.InjectorX-gen.25801.7286.exe
Size
163KB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Win32.InjectorX-gen.25801.7286.exe
Files
SecuriteInfo.com.Win32.InjectorX-gen.25801.7286.exe.exe windows:6 windows x86
5a23357764f0c833dcd1a07cf87f8149
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathIsDirectoryA
PathAddBackslashW
SHRegEnumUSKeyW
UrlGetLocationW
StrNCatA
kernel32
GetCurrentProcessId
WriteConsoleW
HeapSize
CreateFileW
SetStdHandle
HeapAlloc
GetProcessHeap
Sleep
GetProcAddress
LoadLibraryA
EnumSystemCodePagesW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
HeapFree
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
WriteFile
GetStdHandle
LoadLibraryExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
QueryPerformanceCounter
SetEndOfFile
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
mswsock
EnumProtocolsA
EnumProtocolsW
WSARecvEx
AcceptEx
SetServiceA
GetAddressByNameA
rcmd
getnetbyname
rexec
user32
CharUpperA
UserHandleGrantAccess
CreateIconFromResourceEx
mouse_event
DdeSetQualityOfService
wsock32
WSAStartup
WSASetBlockingHook
getprotobynumber
msacm32
acmFilterChooseW
acmFilterEnumA
acmStreamUnprepareHeader
acmStreamConvert
acmFormatTagEnumA
acmDriverAddW
acmDriverOpen
acmFormatEnumW
acmGetVersion
acmMetrics
ole32
CoInitialize
CoCreateInstance
CoUninitialize
oleaut32
VariantInit
SysAllocString
Sections
.text Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE