SecuriteInfo[.]com[.]W32[.]Kryptik[.]GDVU[.]tr[.]29932[.]14369

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.W32.Kryptik.GDVU.tr.29932.14369
Size

80KB
MD5

a517992085a7dc6b6a338f92cfb06db4
SHA1

1dba197e3f0d9186a78860ac807c8960f30b141e
SHA256

86f0726d7e53adf708560aa5797d347ac003a1f59c0eee2acb7203ea57a6bd7f
SHA512

4512ce0a50ca3dbecaf55f2b24c68680ec7e99ea6cab000a48b6117d163d2e4d2067f832bfb49ead431199d22996bf2098ea1221435f165f551377e4af63c5bf
SSDEEP

1536:zdyFfHPemUcsJ5+Pp8zWIuPdxfFApXRCvodtQuWPXXqsWy6cdSjCLOQGEFo:afHTUcsJ5+Pp8IDfFApXRCv4WPH7SWSB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.W32.Kryptik.GDVU.tr.29932.14369

Files

SecuriteInfo.com.W32.Kryptik.GDVU.tr.29932.14369
.exe windows:6 windows x86 arch:x86

25a6de05a84f5ee95b37910243108cc8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

FindResourceW
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
GetProcessHeap
LCMapStringW
GetStringTypeW
GetFileType
SetStdHandle
SizeofResource
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapAlloc
HeapFree
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
WriteFile
GetStdHandle
RaiseException
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
LockResource
LoadResource
GetModuleHandleW
VirtualAlloc
FreeEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
DecodePointer

mswsock

MigrateWinsockConfiguration
GetAddressByNameW
GetNameByTypeA
rexec
NPLoadNameSpaces
dn_expand
s_perror
AcceptEx
EnumProtocolsW

user32

wsprintfW
TabbedTextOutW
EnumDesktopsA
SetMenuItemBitmaps
DdeUnaccessData
SendMessageTimeoutW
LoadStringW
UpdateWindow
MessageBoxW
GetMessageW
ShowWindow
CreateWindowExW
RegisterClassW
PostQuitMessage
DefWindowProcW
SendMessageW
DispatchMessageW
TranslateMessage

wsnmp32

ord101
ord202
ord300
ord902
ord602
ord900
ord100
ord301

mscms

CreateProfileFromLogColorSpaceW
OpenColorProfileW
EnumColorProfilesA

wsock32

inet_ntoa
getsockopt
htons
__WSAFDIsSet
WSACleanup

resutils

ResUtilResourceTypesEqual
ResUtilSetDwordValue
ResUtilGetMultiSzProperty
ResUtilGetEnvironmentWithNetName
ClusWorkerCheckTerminate
ResUtilPropertyListFromParameterBlock

gdi32

MaskBlt
EndPath
GetMapMode
SetGraphicsMode

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25a6de05a84f5ee95b37910243108cc8

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

mswsock

user32

wsnmp32

mscms

wsock32

resutils

gdi32

Sections

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 3KB