SecuriteInfo[.]com[.]Trojan[.]PackedNET[.]2617[.]19984[.]3469[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.PackedNET.2617.19984.3469.exe
Size

867KB
MD5

fd7cfdfeaf57a1b11b2d78d47f75e570
SHA1

350256377cd5cca2f612a4cc85bac6792b92ea98
SHA256

36324286b61f333964ef0c5ae8ef3fbf326e2ba3cb24f77c1a9e2b756841d412
SHA512

040ffc75807e88bd991b0b42727ed7cbced869f34cac1e9857b9b28925ccc294bdf86f45238522f0344c0b1d9d80d3472f24a06c20e3de7123995bfdd157b57a
SSDEEP

12288:LoBi+5tRXUVUpWg7RQQRlzIWvpd21Ce3VZ+WKNPW0hTF8TS+ujfwk:LD+5ttb7RplU8pd21Cq4dNPW0Vimjj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.PackedNET.2617.19984.3469.exe

Files

SecuriteInfo.com.Trojan.PackedNET.2617.19984.3469.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 865KB - Virtual size: 864KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ