SecuriteInfo[.]com[.]Win32[.]BankerX-gen[.]8489[.]1406[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.BankerX-gen.8489.1406.exe
Size

12.3MB
MD5

640a9f199631cadc37d85caa795b3393
SHA1

ec64a02a353ed432c77c3e54765c5db055e5c8ed
SHA256

73109fe6d89876d8464f39767d9f12edcf3fbdcf52e5eb977d6b582b1ec49a6c
SHA512

4b78547db9820c67c2cbeb85fc0eefd1c6ab25307737fa5d38225fb6acde68c3aa85f91fa57c09a6909a8308f1c7b0e6e48d93248fe2f7bda238be08d7b0e1f3
SSDEEP

49152:atVplF5UZz/h5kVXQ6iIBiRvYhPD6CS63Og7ttXp22Zp22X222Hp2222ppBUuVki:atPb5qvkVX1iIwAhL6CS9av8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.BankerX-gen.8489.1406.exe

Files

SecuriteInfo.com.Win32.BankerX-gen.8489.1406.exe
.exe windows:5 windows x86 arch:x86

26ed6ddb3620f031d19001cb6df6f58c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipGetImageWidth
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetImageGraphicsContext
GdipAlloc
GdipDisposeImage
GdipCreateBitmapFromScan0
GdipBitmapSetPixel
GdipSaveImageToFile
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCloneImage
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromHBITMAP
GdipFree
GdiplusShutdown
GdipGetImageHeight
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipImageGetFrameDimensionsCount
GdiplusStartup
GdipImageGetFrameCount
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateFromHDC
GdipDrawImageI
GdipLoadImageFromFileICM
GdipLoadImageFromFile

kernel32

SetFilePointer
WriteFile
FlushFileBuffers
LocalFree
GetCommandLineW
InterlockedExchangeAdd
FreeResource
GetVersionExA
SetLastError
CompareStringW
FreeLibrary
LoadLibraryW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FormatMessageW
GetCurrentProcessId
InterlockedExchange
CompareStringA
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
GetTickCount
GetThreadLocale
FindClose
FindNextFileW
FindFirstFileW
GlobalFlags
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
GlobalReAlloc
InitializeCriticalSection
LocalReAlloc
DeleteCriticalSection
WritePrivateProfileStringW
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationW
GetFullPathNameW
SetErrorMode
GetFileSizeEx
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
RaiseException
GetSystemTimeAsFileTime
HeapFree
SetStdHandle
GetFileType
HeapReAlloc
ExitProcess
HeapSize
VirtualQuery
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
WriteConsoleW
WriteConsoleA
GetConsoleOutputCP
GetExitCodeProcess
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
CreateFileA
SetEnvironmentVariableA
SetEnvironmentVariableW
GetConsoleWindow
CreateToolhelp32Snapshot
Process32FirstW
OpenProcess
TerminateProcess
Process32NextW
VirtualProtectEx
VirtualQueryEx
SetCurrentDirectoryW
DeleteFileW
CopyFileW
ExpandEnvironmentStringsW
GetCurrentDirectoryW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
CreatePipe
GetStartupInfoW
CreateProcessW
WaitForSingleObject
ReadFile
Beep
IsBadWritePtr
GetFileSize
GetFileTime
InterlockedDecrement
InterlockedIncrement
IsBadReadPtr
GetSystemInfo
VirtualAlloc
VirtualFree
GetModuleHandleA
lstrcatA
lstrcmpA
GetModuleHandleW
GetFileAttributesW
AllocConsole
GetStdHandle
MulDiv
DuplicateHandle
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameW
lstrcpyW
LoadLibraryA
GetProcAddress
GetDriveTypeW
GetSystemDirectoryW
GetDiskFreeSpaceExW
GetCurrentThreadId
lstrcpynW
lstrlenA
lstrlenW
lstrcmpiW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
GetVersionExW
TlsAlloc
TlsFree
GetModuleFileNameA
CreateFileW
SetFileTime
lstrcmpW
VirtualProtect
FlushInstructionCache
TlsGetValue
FreeConsole
TlsSetValue
GetCurrentThread
SetThreadPriority
Sleep
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetCurrentProcess
GetLastError
CreateThread
SuspendThread
ResumeThread
CloseHandle
GlobalHandle

user32

RemovePropW
GetPropW
SetPropW
GetClassLongW
CallNextHookEx
SetWindowsHookExW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
SendDlgItemMessageW
RegisterWindowMessageW
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MoveWindow
PostQuitMessage
ValidateRect
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetSysColorBrush
SetCapture
ReleaseCapture
CharUpperW
CharNextW
CopyAcceleratorTableW
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassW
PostThreadMessageW
RegisterClassW
AdjustWindowRectEx
CallWindowProcW
GetMenu
OffsetRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetSubMenu
CreateDialogIndirectParamW
EndDialog
CopyRect
EndPaint
BeginPaint
GetCursorInfo
ClientToScreen
RemoveMenu
SetMenu
TrackPopupMenu
CreatePopupMenu
CreateMenu
GetComboBoxInfo
LockWindowUpdate
SetLayeredWindowAttributes
SetParent
GetLastActivePopup
FlashWindowEx
ShowCaret
HideCaret
GetFocus
EnumChildWindows
SetWindowLongW
GetNextDlgTabItem
SetFocus
CreateWindowExW
GetSysColor
DestroyWindow
CreateAcceleratorTableW
IsWindowEnabled
RedrawWindow
GetActiveWindow
SetActiveWindow
DestroyAcceleratorTable
GetWindowLongW
TranslateAcceleratorW
IsDialogMessageW
DefWindowProcW
RegisterClassExW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
WindowFromDC
GetDlgItem
GetWindowDC
WindowFromPoint
GetCursor
GetIconInfo
DrawIconEx
VkKeyScanW
GetAsyncKeyState
MessageBoxW
SetCursor
LoadCursorW
GetDlgCtrlID
GetDesktopWindow
IsRectEmpty
IntersectRect
InvalidateRect
MessageBoxA
GetKeyState
wsprintfW
ChildWindowFromPoint
GetWindowTextLengthW
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
ShowWindow
SetWindowPos
GetParent
ScreenToClient
IsClipboardFormatAvailable
IsIconic
DrawIcon
GetSystemMenu
AppendMenuW
PostMessageW
RegisterClipboardFormatW
GetKeyNameTextW
PeekMessageW
SystemParametersInfoW
LoadIconW
EqualRect
SetRect
mouse_event
EmptyClipboard
SetClipboardData
GetWindowTextW
IsWindowVisible
GetClassNameW
EnumWindows
MapVirtualKeyW
keybd_event
OpenClipboard
GetClipboardData
CloseClipboard
GetDC
ReleaseDC
IsWindow
SetForegroundWindow
KillTimer
ExitWindowsEx
GetSystemMetrics
EnableWindow
GetMessageW
TranslateMessage
DispatchMessageW
SetClipboardViewer
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ChangeClipboardChain
GetWindowRect
UpdateWindow
GetMenuItemID
GetMenuItemCount
GetClassInfoExW
SetWindowTextW
GetClassInfoW
PtInRect
GetCursorPos
SetCursorPos
UnregisterHotKey
RegisterHotKey
SetTimer
SendMessageW
GetClientRect
PrintWindow

gdi32

GetCurrentObject
DeleteObject
GetTextColor
GetBkColor
GetBkMode
Ellipse
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateFontW
SaveDC
RestoreDC
SetMapMode
ExcludeClipRect
LineTo
MoveToEx
GetBitmapBits
CreateCompatibleDC
GetViewportExtEx
GetWindowExtEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
GetRgnBox
SetBitmapBits
CreateRectRgnIndirect
CreateBitmap
GetClipBox
CreateCompatibleBitmap
BitBlt
SelectObject
DPtoLP
CreateFontIndirectW
GetTextMetricsW
GetTextExtentPoint32W
CreatePalette
CreateDIBitmap
CreateDCW
GetDeviceCaps
DeleteDC
GetObjectW
GetStockObject
SelectPalette
RealizePalette
GetDIBits
SetTextColor
SetBkMode
SetBkColor
CreateHatchBrush
CreateSolidBrush
CreatePen
GetMapMode

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

RegOpenKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
AdjustTokenPrivileges
RegCreateKeyExW
RegCloseKey
RegSetValueExW
GetUserNameW
RegQueryValueExW
LookupPrivilegeValueW
OpenProcessToken
LookupPrivilegeValueA

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHFileOperationW
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
SHGetSpecialFolderPathW

comctl32

_TrackMouseEvent

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathStripToRootW
PathFileExistsW
PathIsUNCW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
OleRun
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

oleaut32

VariantClear
SysStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
SysStringByteLen
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantChangeType
VariantCopy
SysAllocString
VariantInit
SafeArrayDestroy
OleCreateFontIndirect
GetErrorInfo

winmm

PlaySoundW

iphlpapi

GetAdaptersInfo

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winhttp

WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpConnect
WinHttpOpen
WinHttpCloseHandle
WinHttpReadData
WinHttpQueryHeaders

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26ed6ddb3620f031d19001cb6df6f58c

Headers

DLL Characteristics

File Characteristics

Imports

gdiplus

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

winmm

iphlpapi

version

winhttp

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 10.3MB - Virtual size: 10.3MB

.data Size: 21KB - Virtual size: 395KB

.rsrc Size: 163KB - Virtual size: 162KB

.reloc Size: 137KB - Virtual size: 137KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 10.3MB - Virtual size: 10.3MB

.data
Size: 21KB - Virtual size: 395KB

.rsrc
Size: 163KB - Virtual size: 162KB

.reloc
Size: 137KB - Virtual size: 137KB