SecuriteInfo[.]com[.]TScope[.]Malware-Cryptor[.]SB[.]26060[.]13321 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.TScope.Malware-Cryptor.SB.26060.13321
Size

3.4MB
MD5

4ee27e2086f3bae24a65d677185a98de
SHA1

8586cba64216c10301b82fea8a90637b574c0540
SHA256

e586bf17566b9188b9274097ddf059cf20569b87754f38e460c2fd884ae88a15
SHA512

bfeb2fab32ff3c6a8e27d2fcb342dc0fc840975a88efcf4d23585e2a289fc3c8f87e176a8d22eb800d3db889c719d20b549b51f7f6f65dd6477c5e534a5cb7bd
SSDEEP

98304:pQGxD61kWfdBnwZrU2j7A6F+eRvSQCKZUxR:SGxABwZ5/Aq+eHhZUxR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.TScope.Malware-Cryptor.SB.26060.13321

Files

SecuriteInfo.com.TScope.Malware-Cryptor.SB.26060.13321
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 1.8MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xspsmdya
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wwwpkrhm
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE