SecuriteInfo[.]com[.]Trojan[.]Win32[.]Rozena[.]6847[.]947[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Win32.Rozena.6847.947.exe
Size

275KB
MD5

d36b77f788ac6b8a25a10634b6009058
SHA1

489d9760ee7f74f16e44bc2394816445174958e8
SHA256

3f5772f7ad492cae66118a54705d4885336d56ff771c90bb63d3e19e6635008e
SHA512

cf2971ce6f8bdd5a4fc2c882eb62b3f1dbb336900488643ed5164a2f139c331c17ad06588ad933090c5f6db2d128733437d758ce1fbba45ec402859dc31c4af2
SSDEEP

3072:pAL8oMSzxf0HQU25lO6kBc9u/8oMSzxf0HQU25lO6kBc9ucvOUuMMtf+:pAoAzxMHi0679ukAzxMHi0679u0HyG

Score

1^/10

Malware Config

Signatures

Files

SecuriteInfo.com.Trojan.Win32.Rozena.6847.947.exe
.exe windows:4 windows x86 arch:x86

bd3691e1d34908ae58a58dcd43b00287

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ac:6f:bd:a2:b0:58:14:56:48:3a:86:d2:26:1e:1c:a7
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

29/08/2023, 00:00

Not After

28/08/2024, 23:59

Subject

SERIALNUMBER=4237166,CN=16 Software LLC,O=16 Software LLC,ST=Pennsylvania,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130c50656e6e73796c76616e6961,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

76:ee:5a:c2:69:51:c8:66:21:70:2a:06:dc:92:06:d1:23:a0:06:b6
Signer

Actual PE Digest

76:ee:5a:c2:69:51:c8:66:21:70:2a:06:dc:92:06:d1:23:a0:06:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentDirectoryW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__initenv
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_initterm
_iob
_onexit
_stricmp
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
memset
realloc
signal
strlen
strncmp
vfprintf
wcscat
wcslen
wcsncmp

shell32

ShellExecuteW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 180B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 1024B - Virtual size: 707B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/94
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/110
Size: 512B - Virtual size: 391B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd3691e1d34908ae58a58dcd43b00287

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate

Extended Key Usages

Key Usages

ac:6f:bd:a2:b0:58:14:56:48:3a:86:d2:26:1e:1c:a7Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

76:ee:5a:c2:69:51:c8:66:21:70:2a:06:dc:92:06:d1:23:a0:06:b6Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

shell32

Sections

.text Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 40B

.rdata Size: 2KB - Virtual size: 2KB

/4 Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 180B

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 48B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 160KB - Virtual size: 160KB

.reloc Size: 1024B - Virtual size: 596B

/14 Size: 1024B - Virtual size: 656B

/29 Size: 35KB - Virtual size: 34KB

/41 Size: 7KB - Virtual size: 6KB

/55 Size: 6KB - Virtual size: 6KB

/67 Size: 1024B - Virtual size: 707B

/78 Size: 6KB - Virtual size: 6KB

/94 Size: 3KB - Virtual size: 2KB

/110 Size: 512B - Virtual size: 391B

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

ac:6f:bd:a2:b0:58:14:56:48:3a:86:d2:26:1e:1c:a7
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

76:ee:5a:c2:69:51:c8:66:21:70:2a:06:dc:92:06:d1:23:a0:06:b6
Signer

.text
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 40B

.rdata
Size: 2KB - Virtual size: 2KB

/4
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 180B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 48B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 160KB - Virtual size: 160KB

.reloc
Size: 1024B - Virtual size: 596B

/14
Size: 1024B - Virtual size: 656B

/29
Size: 35KB - Virtual size: 34KB

/41
Size: 7KB - Virtual size: 6KB

/55
Size: 6KB - Virtual size: 6KB

/67
Size: 1024B - Virtual size: 707B

/78
Size: 6KB - Virtual size: 6KB

/94
Size: 3KB - Virtual size: 2KB

/110
Size: 512B - Virtual size: 391B