SecuriteInfo[.]com[.]Trojan[.]TR[.]ATRAPS[.]Gen[.]1699[.]7004

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.TR.ATRAPS.Gen.1699.7004
Size

18.8MB
MD5

74b1ec2e0d8ab31256096c674a26b5f1
SHA1

847b63e433e23e51e0fdfd12f5ad00cd0c41609c
SHA256

9d521333a79d744ede01a133eded8bf562e739bc93af8695acf2342d96f80d99
SHA512

129f7eed579bdc959cf43016d98d8de11b0c97aad2f657e84e8b441ff816cf0b57eadf7872f85435130aa98f7016ff4f41374f3e8653deea945b9bf69ab77c4d
SSDEEP

393216:P1qGMMtyaJYWrILsMA8xdp+1hmQ8OHwtBbEE9jb4Y:P1nttH38LsMA8xd1Dl4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.TR.ATRAPS.Gen.1699.7004

Files

SecuriteInfo.com.Trojan.TR.ATRAPS.Gen.1699.7004
.dll windows:5 windows x86 arch:x86

6f8e15e476c783b4975094c644e04e09

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

mpr

WNetEnumResourceW

winspool.drv

DocumentPropertiesW

comctl32

ImageList_GetImageInfo

ws2_32

WSAIoctl

shell32

Shell_NotifyIconW

user32

CopyImage

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

advapi32

RegSetValueExW

netapi32

NetWkstaGetInfo

kernel32

GetVersion
GetVersionExW

wsock32

gethostbyaddr

ole32

CreateBindCtx

gdi32

Pie

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
rwhwxwuopoyf

Sections

.text
Size: 6.2MB - Virtual size: 6.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 36KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oclnzfe
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.oclnzfe
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oclnzfe
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 519KB - Virtual size: 518KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f8e15e476c783b4975094c644e04e09

Headers

File Characteristics

Imports

mpr

winspool.drv

comctl32

ws2_32

shell32

user32

version

oleaut32

advapi32

netapi32

kernel32

wsock32

ole32

gdi32

Exports

Exports

Sections

.text Size: 6.2MB - Virtual size: 6.2MB

.itext Size: 23KB - Virtual size: 22KB

.data Size: 101KB - Virtual size: 100KB

.bss Size: - Virtual size: 36KB

.idata Size: 15KB - Virtual size: 14KB

.didata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 177B

.rdata Size: 512B - Virtual size: 69B

.oclnzfe Size: 5.6MB - Virtual size: 5.6MB

.oclnzfe Size: 512B - Virtual size: 140B

.oclnzfe Size: 5.0MB - Virtual size: 5.0MB

.reloc Size: 519KB - Virtual size: 518KB

.text
Size: 6.2MB - Virtual size: 6.2MB

.itext
Size: 23KB - Virtual size: 22KB

.data
Size: 101KB - Virtual size: 100KB

.bss
Size: - Virtual size: 36KB

.idata
Size: 15KB - Virtual size: 14KB

.didata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 177B

.rdata
Size: 512B - Virtual size: 69B

.oclnzfe
Size: 5.6MB - Virtual size: 5.6MB

.oclnzfe
Size: 512B - Virtual size: 140B

.oclnzfe
Size: 5.0MB - Virtual size: 5.0MB

.reloc
Size: 519KB - Virtual size: 518KB