SecuriteInfo[.]com[.]Variant[.]Fragtor[.]166552[.]23548[.]19417

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Fragtor.166552.23548.19417
Size

1.1MB
MD5

74583ad9ff89611e4614388fcc1243b9
SHA1

c85bb349b69bba11ed9a62a30701a1c7b407533a
SHA256

e8fe6641ba9f45c1bed42e4dd0706e4db795adba0d9943bcd5f3fe14e7773e8d
SHA512

6d489000c48d3f19f116f4ef0ac4756ffc878682b41a8d27075625e80a859e5e5686485785b7e415537ceb58e61ca2c8a6e8a9132ddd305060ad1f47ba3aad9d
SSDEEP

24576:E0nWgqtP0mKw64BU3CY2Mpp4kOc8UeEQbjL7kn82xBOUP3c32Bn4:FW510mKCCpC5bF2jO8M32S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Variant.Fragtor.166552.23548.19417

Files

SecuriteInfo.com.Variant.Fragtor.166552.23548.19417
.dll windows:6 windows x86 arch:x86

a9e6f5b9cfe7981af0275ceefff5a4fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleA
Sleep
GetCurrentProcessId
GetModuleHandleW
WideCharToMultiByte
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
QueryPerformanceFrequency
GetProcAddress
QueryPerformanceCounter
DisableThreadLibraryCalls
VirtualFree
VirtualAlloc
VirtualQuery
HeapCreate
VirtualProtect
HeapFree
GetCurrentProcess
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
HeapReAlloc
CloseHandle
HeapAlloc
GetThreadContext
FlushInstructionCache
SetThreadContext
GetPrivateProfileStringA
FormatMessageA
InitializeSListHead
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetFileInformationByHandleEx
GetLastError
AreFileApisANSI
SetFileInformationByHandle
CreateDirectoryA
WritePrivateProfileStringA
GetLocaleInfoEx
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetTickCount
GetFileAttributesA
OpenThread
GetModuleHandleA
LocalFree

user32

CallWindowProcA
SetWindowLongA
FlashWindowEx
SetClipboardData
MapVirtualKeyA
GetWindowTextA
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
FindWindowExA
GetKeyNameTextA
SetCursorPos
ReleaseCapture
GetClientRect
SetCursor
ScreenToClient
GetCapture
GetWindowRect
LoadCursorA
GetCursorPos
ClientToScreen
IsChild
SetCapture
GetKeyState
GetForegroundWindow

msvcp140

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
_Query_perf_frequency
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_sleep
_Query_perf_counter
_Thrd_detach
_Xtime_get_ticks
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
?_Winerror_map@std@@YAHH@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Syserror_map@std@@YAPBDH@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QBE?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBUtm@@PBD3@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
_Mtx_trylock
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_init_in_situ
_Mtx_unlock
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Xlength_error@std@@YAXPBD@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ

d3dx9_42

D3DXCreateTextureFromFileInMemory

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

vcruntime140

memmove
__std_exception_destroy
__std_exception_copy
__std_terminate
memchr
__std_type_info_destroy_list
_except_handler4_common
__CxxFrameHandler3
_CxxThrowException
memset
__current_exception_context
_purecall
__current_exception
strstr
memcpy

api-ms-win-crt-stdio-l1-1-0

fseek
__stdio_common_vsscanf
ftell
__stdio_common_vsnprintf_s
_get_stream_buffer_pointers
_wfopen
_fseeki64
fread
fsetpos
ungetc
setvbuf
fgetpos
__stdio_common_vsprintf
fwrite
fgetc
__stdio_common_vsprintf_s
fclose
fflush
fputc

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-convert-l1-1-0

strtoul
atoi
atof

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_beginthreadex
_initterm_e
_initterm
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-math-l1-1-0

_libm_sse2_pow_precise
_libm_sse2_exp_precise
_libm_sse2_tan_precise
_libm_sse2_cos_precise
floor
log2f
_libm_sse2_sqrt_precise
exp2f
ceil
_libm_sse2_sin_precise
remainderf
fminf
fmaxf
_CIatan2
_CIfmod
_fdclass
_libm_sse2_acos_precise
_libm_sse2_atan_precise

api-ms-win-crt-utility-l1-1-0

rand
qsort

api-ms-win-crt-string-l1-1-0

toupper
strncpy
isdigit
strncmp
strnlen

api-ms-win-crt-heap-l1-1-0

_callnewh
realloc
free
malloc

api-ms-win-crt-time-l1-1-0

_time64
_localtime64

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func

Sections

.text
Size: 618KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 458KB - Virtual size: 457KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9e6f5b9cfe7981af0275ceefff5a4fc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcp140

d3dx9_42

imm32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 618KB - Virtual size: 618KB

.rdata Size: 458KB - Virtual size: 457KB

.data Size: 10KB - Virtual size: 38KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 32KB - Virtual size: 32KB

.text
Size: 618KB - Virtual size: 618KB

.rdata
Size: 458KB - Virtual size: 457KB

.data
Size: 10KB - Virtual size: 38KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 32KB - Virtual size: 32KB