SecuriteInfo[.]com[.]Trojan[.]Win64[.]Agent[.]14252[.]8690[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Win64.Agent.14252.8690.exe
Size

1.2MB
MD5

2acca97618c4a9f3a10f35c2c83c328f
SHA1

ec6567ee2cdcea849613ed37cd62531cadcd0293
SHA256

1cb30827954cec5a1c7bd73628fc3314582b57ed89c5a02defe34ba873cf828d
SHA512

3cb447f6e5b4ae029c576ece53296424d2cf2473633c1143d5c54549d21822bcb52773c1fa994d0f7a10198bbf1c1990eee65fd1ed5c4d68e736d64883a5c05b
SSDEEP

24576:/1Gztcr5GWxeVrL8keScnZQDYA0OKuGKFbhZbwlnI/9B:/ySGWxeVrL8keScZIYc0nU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Win64.Agent.14252.8690.exe

Files

SecuriteInfo.com.Trojan.Win64.Agent.14252.8690.exe
.dll windows:6 windows x64 arch:x64

65d9991eaabb891014c90c2159c0bbba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

send

opengl32

glViewport
glPopAttrib
glEnd
glMatrixMode
glLineWidth
glPopMatrix
glPolygonOffset
glLoadIdentity
glBegin
glColor3ub
glDisable
glPushMatrix
glOrtho
glPushAttrib
glGetIntegerv
wglGetCurrentDC
glGenLists
glCallLists
wglUseFontBitmapsA
glRasterPos2f
glListBase
glDepthRange
glGetString
glPolygonMode
glEnable
glVertex3f
glCullFace
glColor3f
glBlendFunc
glColor4fv
glColor4ub
glScalef
glColor4f
glGetFloatv
glBindTexture
glGenTextures
glScissor
glTexParameteri
glTexImage2D
glIsEnabled
glDrawElements
glPixelStorei
wglGetProcAddress

user32

GetKeyState
LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetWindowThreadProcessId
FindWindowA
WindowFromDC
mouse_event
SetWindowLongPtrA
PostMessageA
GetAsyncKeyState
GetForegroundWindow
IsChild
CallWindowProcA

kernel32

LCMapStringEx
DecodePointer
EncodePointer
InitializeCriticalSectionEx
GetFileInformationByHandleEx
AreFileApisANSI
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateFileW
CreateDirectoryW
GetLocaleInfoEx
FormatMessageA
LocalFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
OpenThread
SetThreadContext
FlushInstructionCache
GetModuleHandleW
GetCurrentProcessId
GetThreadContext
HeapDestroy
HeapAlloc
CloseHandle
HeapReAlloc
CreateToolhelp32Snapshot
ResumeThread
SuspendThread
GetCurrentThreadId
Thread32First
Thread32Next
GetCurrentProcess
HeapFree
VirtualProtect
HeapCreate
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualFree
QueryPerformanceCounter
QueryPerformanceFrequency
LoadLibraryA
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
VirtualQueryEx
ReadProcessMemory
Sleep
GetFileAttributesA
GetModuleHandleA
GetTickCount64
CreateThread
GetProcAddress
GetTickCount
WriteProcessMemory
FreeLibraryAndExitThread
OpenProcess
FreeConsole
VirtualProtectEx

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

gdi32

CreateFontA
SelectObject
DeleteObject

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception_context
memchr
__uncaught_exception
memcmp
memmove
memcpy
memset
__current_exception
__std_exception_destroy
__std_exception_copy
__std_terminate
_purecall
__std_type_info_destroy_list
strstr
__C_specific_handler
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

abort
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_invalid_parameter_noinfo
_wassert
_errno
terminate
_beginthreadex
_invalid_parameter_noinfo_noreturn
_set_new_handler

api-ms-win-crt-stdio-l1-1-0

fseek
fputc
_wfopen
__acrt_iob_func
ungetc
ftell
fsetpos
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
fflush
_fsopen
__stdio_common_vsprintf_s
setvbuf
_get_stream_buffer_pointers
fgetpos
fwrite
__stdio_common_vfprintf
fgetc
_fseeki64
fclose

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
remove
_lock_file

api-ms-win-crt-heap-l1-1-0

malloc
_aligned_free
calloc
free
_callnewh
_aligned_malloc

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-string-l1-1-0

isspace
islower
strcmp
isupper
strncpy
tolower
__strncnt
strncmp
strcpy_s
_wcsdup

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-convert-l1-1-0

strtod
strtof
atof

api-ms-win-crt-math-l1-1-0

powf
log
pow
_dclass
acosf
atan2f
sqrtf
ceilf
cosf
modf
_isnan
floorf
fmodf
logf
sinf
_finite

api-ms-win-crt-locale-l1-1-0

setlocale
_unlock_locales
_lock_locales
___lc_codepage_func
___mb_cur_max_func
__pctype_func
___lc_locale_name_func
localeconv

Sections

.text
Size: 633KB - Virtual size: 632KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 579KB - Virtual size: 578KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65d9991eaabb891014c90c2159c0bbba

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

opengl32

user32

kernel32

imm32

gdi32

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 633KB - Virtual size: 632KB

.rdata Size: 579KB - Virtual size: 578KB

.data Size: 23KB - Virtual size: 64KB

.pdata Size: 27KB - Virtual size: 26KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 633KB - Virtual size: 632KB

.rdata
Size: 579KB - Virtual size: 578KB

.data
Size: 23KB - Virtual size: 64KB

.pdata
Size: 27KB - Virtual size: 26KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 6KB - Virtual size: 6KB