SecuriteInfo[.]com[.]Trojan[.]MulDrop6[.]20495[.]3244[.]19917

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.MulDrop6.20495.3244.19917
Size

914KB
MD5

ddb310f6ad234272c5fc4680f5b7e3c0
SHA1

19126add3204bcfdf93bd6f16bfca2540384656b
SHA256

7c22a5eaeef9d5a32de471d78061c5d9ab2c1fc28399f3a019a5786be9d48ac4
SHA512

038c0f9bd51e0d47d087d86182233874cb8f39ce77a34421f59f9735cf6165b0b9031afd744c3dcfd296b7ecfba40a8b2e9ceb65914f606ccc28b836c4099f48
SSDEEP

24576:tcSxVfBrwzEr7cp9FGCQ6QMjF0SKJr8Q0et6n:2GP7qGVtMRaJr4et6n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.MulDrop6.20495.3244.19917

Files

SecuriteInfo.com.Trojan.MulDrop6.20495.3244.19917
.exe windows:4 windows x86 arch:x86

22977549f5973f29d9952f5032e325b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\work\adsoft_setup\sfx\sfx_Release\sfx.pdb

Imports

kernel32

FindFirstFileA
lstrlenA
GetFileAttributesA
lstrcpynA
GetLastError
MultiByteToWideChar
AreFileApisANSI
SetLastError
GetFullPathNameA
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
Sleep
GetSystemTimeAsFileTime
GetTempPathA
lstrcmpA
SetFilePointer
GetShortPathNameA
GetModuleFileNameA
GetCommandLineA
SetFileAttributesA
FindClose
SetEvent
lstrcmpiA
ResetEvent
CreateEventA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetTickCount
FindNextFileA
lstrcatA
HeapSize
FlushFileBuffers
SetStdHandle
lstrcpyA
WriteFile
CreateFileA
ReadFile
SetFileTime
CloseHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoA
GetConsoleMode
ExitProcess
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
LCMapStringA
WideCharToMultiByte
LCMapStringW
DeleteCriticalSection
GetConsoleCP
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
VirtualAlloc
HeapReAlloc
GetStringTypeA
GetStringTypeW

user32

PostMessageA
CharLowerA
wsprintfA
RegisterWindowMessageA
FindWindowA
MessageBoxA
IsWindow

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetPathFromIDListA
SHGetDesktopFolder
SHGetMalloc

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22977549f5973f29d9952f5032e325b2

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

Sections

.text Size: 79KB - Virtual size: 79KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 6KB - Virtual size: 19KB

.rsrc Size: 46KB - Virtual size: 46KB

.text
Size: 79KB - Virtual size: 79KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 6KB - Virtual size: 19KB

.rsrc
Size: 46KB - Virtual size: 46KB