SecuriteInfo[.]com[.]Win32[.]TrojanX-gen[.]21775[.]7430

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.TrojanX-gen.21775.7430
Size

296KB
MD5

ae08244b681a5f7360a8d577be0f0540
SHA1

246030a9b20f84afeda25031459ba43073c0c08e
SHA256

c221aff067c0d898bd3fb0a8e89bf42a29858842dddadbe428c56d4fc99fa44b
SHA512

c0eae5be316f365435fa1d6cca6e7e8dca594d46522ed1742e00a8b92332839d6bc771849fbf3c787850491ec3cbfc76126d9e4ba40be191c4b8f187617f377a
SSDEEP

6144:dYYpnug3+Fm1/BHIt0tuQ0NGbluRvjhBCtSt1tud7lIlZGSfcQ2ydKLXg:dYYpnuHFm1/BHItguQ0NGblut1jt1tuO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.TrojanX-gen.21775.7430

Files

SecuriteInfo.com.Win32.TrojanX-gen.21775.7430
.exe windows:6 windows x86 arch:x86

0952fa0a4af71390e412a32cb229b819

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmUnregisterWordA
ImmRequestMessageA
ImmGetHotKey
ImmEnumRegisterWordA
ImmGetDefaultIMEWnd
ImmGetCandidateListCountW
ImmSetCompositionFontW
ImmShowSoftKeyboard

shlwapi

StrStrIA
SHIsLowMemoryMachine
SHRegCloseUSKey
PathFindNextComponentA
PathQuoteSpacesA
PathParseIconLocationW
SHCreateShellPalette
SHQueryInfoKeyA

kernel32

SetFilePointerEx
GetConsoleCP
VirtualAlloc
GetModuleHandleW
LoadResource
LockResource
SizeofResource
FindResourceW
FlushFileBuffers
ReadFile
ReadConsoleW
CreateFileW
CloseHandle
WriteConsoleW
GetFileSizeEx
GetConsoleMode
HeapReAlloc
HeapSize
SetConsoleCtrlHandler
GetProcessHeap
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
GetFileType
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
OutputDebugStringW
HeapAlloc
GetCurrentThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
WriteFile
GetStdHandle
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
SetLastError
GetLastError
InterlockedFlushSList
InterlockedPushEntrySList
DecodePointer
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter

gdi32

CloseMetaFile
AddFontResourceExA
EnumFontFamiliesW
EndDoc
PolyBezier
GetCharWidth32W

wsock32

ord1114
WSAAsyncGetProtoByName
WSAStartup
getsockopt
ord1111

wininet

FtpSetCurrentDirectoryA
InternetCreateUrlW
InternetAutodialHangup
FindNextUrlCacheEntryExA
InternetHangUp

shell32

SHGetDataFromIDListW
DragAcceptFiles
SHLoadInProc

winspool.drv

SplDriverUnloadComplete
AddPrinterDriverExW
FindClosePrinterChangeNotification
ScheduleJob
ord208
GetPrinterDataExA
FindFirstPrinterChangeNotification
DeletePrinterConnectionA

oleaut32

VarCyFromUI2
VarI2FromDec
VarFormatCurrency
VarCyFromDisp
VarUI2FromStr
VarUI1FromStr
SafeArrayGetElemsize
VarOr
VariantInit
VariantClear

resutils

ResUtilGetMultiSzProperty
ResUtilAddUnknownProperties
ResUtilFindSzProperty
ResUtilSetExpandSzValue
ResUtilSetBinaryValue
ResUtilSetDwordValue
ResUtilGetEnvironmentWithNetName
ResUtilStopService

user32

UpdateWindow
MessageBoxW
ShowWindow
GetMessageW
RegisterClassW
GetClientRect
PostQuitMessage
TranslateMessage
DispatchMessageW
CreateWindowExW
DefWindowProcW

ole32

CoInitializeEx
CoCreateInstance
CoUninitialize

Sections

.text
Size: 219KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0952fa0a4af71390e412a32cb229b819

Headers

DLL Characteristics

File Characteristics

Imports

imm32

shlwapi

kernel32

gdi32

wsock32

wininet

shell32

winspool.drv

oleaut32

resutils

user32

ole32

Sections

.text Size: 219KB - Virtual size: 219KB

.rdata Size: 57KB - Virtual size: 57KB

.data Size: 3KB - Virtual size: 7KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 219KB - Virtual size: 219KB

.rdata
Size: 57KB - Virtual size: 57KB

.data
Size: 3KB - Virtual size: 7KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 9KB - Virtual size: 8KB