SecuriteInfo[.]com[.]Trojan[.]GenericKDZ[.]105649[.]15764[.]2812[.]exe | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.GenericKDZ.105649.15764.2812.exe
Size

900KB
MD5

b296376c4d19fa3a245a26fde7cc78d5
SHA1

38e6fa587ecc3dc9dde0b5214563e973c0fbe3f9
SHA256

f5550e94f417d68539f7b77ad71c4825b5f64c26aa17ca38a3bd65e0f94013ff
SHA512

bfb91fd6e379f79cb9379f5468bcd3bd82189f7dd7bd4130ae8b7dc04971dab4a14b48e967f208dc5dc1fbd57eea853e12f3cd59acc621cf3dcbfe8a62972720
SSDEEP

24576:R7VvyDDe8XBB9t5aKKSv/nE4W1eaiZr3QhZuxw:RVyu8rQevfEx1qr8Zux

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.GenericKDZ.105649.15764.2812.exe

Files

SecuriteInfo.com.Trojan.GenericKDZ.105649.15764.2812.exe
.exe windows:6 windows x86 arch:x86

2388fee6ad8ce4f4a35dbaf64e2da01a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

EnumDisplayDevicesA

advapi32

CredEnumerateA

comctl32

PropertySheet

Sections

Size: - Virtual size: 1.3MB

IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE