SecuriteInfo[.]com[.]Win32[.]MalwareX-gen[.]22606[.]12305

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.MalwareX-gen.22606.12305
Size

199KB
MD5

20c52a24d9e665f29eeeda191a8e47ff
SHA1

794c6e0516433a5caae0de868a9db54743b09525
SHA256

235f5430842be63a9bca58fb148480b6d6a1f0a0631ace17e78bf8430c5f98e0
SHA512

c7f258892846bd70409a67cbd0979fcf899ffad319e22ec77849789cc6b6c5b3c558c45d74be6ddda12a5eed4f566d2f915f2472a971237974e44a5f62d35413
SSDEEP

3072:cg3lQcYDAB88t1/4YZG9N/VNWIclco+Hm9/4jXA++9HCMVZnG:cJLUB88v4YYVNiIHYgXAMEg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.MalwareX-gen.22606.12305

Files

SecuriteInfo.com.Win32.MalwareX-gen.22606.12305
.exe windows:6 windows x86

8bafd71683d27c4e3c4ba0d0ddd1e237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathW
FindNextFileW
FindFirstFileW
FindClose
EnumSystemCodePagesA
VirtualAlloc
DeleteFileW
SetEndOfFile
CreateFileW
OutputDebugStringW
ReadConsoleW
WriteConsoleW
SetStdHandle
LoadLibraryExW
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameW
SetFilePointerEx
ReadFile
GetFileType
GetStdHandle
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
CloseHandle
GetProcessHeap
IsDebuggerPresent
GetCurrentThreadId
GetOEMCP
GetACP
IsValidCodePage
HeapSize
AreFileApisANSI
GetModuleHandleExW
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapFree
RaiseException
RtlUnwind
GetCommandLineW
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess

crypt32

CertSetCTLContextProperty
CertVerifySubjectCertificateContext
CertFindRDNAttr
CertDuplicateCRLContext
CryptDecryptMessage

mpr

WNetCancelConnectionW
WNetGetUserW
WNetDisconnectDialog1A
WNetGetResourceInformationA
WNetCloseEnum
WNetOpenEnumA
WNetGetNetworkInformationA
WNetGetResourceParentW
WNetEnumResourceW

user32

ToUnicode
IsDialogMessageA
GetMonitorInfoW
SetRect
CopyImage
PeekMessageW
GetActiveWindow

ole32

CreateStreamOnHGlobal
GetClassFile
CLIPFORMAT_UserSize
HBITMAP_UserUnmarshal

loadperf

UnloadPerfCounterTextStringsA
LoadPerfCounterTextStringsA

shell32

SHBrowseForFolder
ExtractAssociatedIconExA
DragFinish
ExtractIconA
SHGetFileInfo

rtutils

TraceDeregisterExA
RouterAssert
RouterLogEventW

Sections

.text
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8bafd71683d27c4e3c4ba0d0ddd1e237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

crypt32

mpr

user32

ole32

loadperf

shell32

rtutils

Sections

.text Size: 147KB - Virtual size: 147KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 13KB - Virtual size: 21KB

.text
Size: 147KB - Virtual size: 147KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 13KB - Virtual size: 21KB