SecuriteInfo[.]com[.]Trojan[.]Inject1[.]19122[.]24205[.]25163[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Inject1.19122.24205.25163.exe
Size

33KB
MD5

3f2a17dce077f113b6c194a45f6ad8a5
SHA1

c25a7a48425dc041e1f708e403a564823dcac4af
SHA256

0f59e193ad32132c7021bbdad311b019e6280d25f519ddc3ab9cebc679037f2e
SHA512

99bb59c7f0d303a559c472bb542cd4cab3fc0c11d254bc1698928c5602afc9effd755143b0d16d412d6a470a7e34070128b62ab4efce03f66c3f85ae13ca4a9f
SSDEEP

384:gaBhYO+xp+t33qAIZ17xkgaEDuNH4upfK0C3QxSXo7aPrruM8fLQfjkWC1Ty5aov:gLO+ji33w1WEaGQ0N7kWsTy5BcQh6D9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Inject1.19122.24205.25163.exe

Files

SecuriteInfo.com.Trojan.Inject1.19122.24205.25163.exe
.dll regsvr32 windows:4 windows x86

ce031612b07111be3a3089472e670d06

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetEvent
UnmapViewOfFile
GetVersion
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalLock
GetModuleFileNameW
GetModuleHandleA
GetTickCount
CloseHandle
MapViewOfFile
WaitForSingleObject
CreateMutexW
OpenEventW
OpenFileMappingW

user32

OpenClipboard
IsClipboardFormatAvailable
LoadKeyboardLayoutA
LoadImageW
ToUnicode
GetAsyncKeyState
GetKeyboardState
DefWindowProcW
EndPaint
BeginPaint
InvalidateRect
CloseClipboard
GetMonitorInfoW
MonitorFromPoint
ReleaseDC
FillRect
GetCaretBlinkTime
SetTimer
GetDC
KillTimer
GetSysColor
ShowWindow
DestroyWindow
SetLayeredWindowAttributes
MoveWindow
GetClipboardData
GetFocus
CreateWindowExW
RegisterClassW
SendInput

gdi32

SetBkMode
TextOutW
BitBlt
SetTextColor
GetStockObject
CreateSolidBrush
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
DeleteDC
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectW

advapi32

RegQueryValueExA
RegOpenKeyExW
RegSetValueExA
RegSetValueW
RegCreateKeyA
RegCloseKey
RegOpenKeyExA

ole32

CoCreateInstance

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen

shlwapi

SHDeleteKeyA

msvcrt

memcpy
??3@YAXPAX@Z
??2@YAPAXI@Z
memset
_itow
wcsrchr

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ce031612b07111be3a3089472e670d06

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.data Size: - Virtual size: 34KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 28KB

.data
Size: - Virtual size: 34KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 1KB