Static task: static1

Behavioral task: behavioral1
Sample: SecuriteInfo.com.FileRepMalware.10040.9737.exe
Resource: win7-20240221-en

Behavioral task: behavioral2
Sample: SecuriteInfo.com.FileRepMalware.10040.9737.exe
Resource: win10v2004-20240221-en
General
Target: SecuriteInfo.com.FileRepMalware.10040.9737.exe
Size: 24KB
MD5: 8b6a45d8fa4e70b0e1c06c76b523cbc0
SHA1: 71ec9aa061ee5136730a7d0abfe196ff5c8b7dd0
SHA256: 07487a9b997d8f757501912961bce0e4d72acfe80760ebd50ee4b485b89210b4
SHA512: 64488eb8be36938a266dc75f880f3ca40d57fa9b574072a8f4c29b2dfc63e2116c63a360a3991700700b220b0a3a1d0c67bb450afba20cccb6b0d4a1204b387f
SSDEEP: 192:XH4SiEy1Hf9fe3gSLfn7g9ivf3qw/RgBdP29K4f2PdV0e8VaxRBnbaHCxyzXJyOD:X4bNe3Lns9ivwrl4fwGadnfxyDs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.FileRepMalware.10040.9737.exe
Files
SecuriteInfo.com.FileRepMalware.10040.9737.exe.exe windows:4 windows x86 arch:x86
20b0e5ae70b508773a5ce1469630cc99
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalFree
_lread
LocalAlloc
GetFileSize
SetFileAttributesA
GetModuleFileNameA
Sleep
GetTickCount
WaitForSingleObject
SetEvent
OutputDebugStringA
CloseHandle
CreateThread
CreateEventA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ResetEvent
ExitProcess
GetModuleHandleA
GetStartupInfoA
lstrcmpiA
lstrcatA
lstrcpyA
lstrcpynA
GetCommandLineA
GetPrivateProfileIntA
GetPrivateProfileStringA
_lopen
_lcreat
_llseek
_lwrite
_lclose
lstrlenA
user32
wsprintfA
MessageBoxA
GetWindowTextA
advapi32
DeleteService
OpenSCManagerA
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
ChangeServiceConfig2A
CreateServiceA
CloseServiceHandle
OpenServiceA
ws2_32
ioctlsocket
bind
htons
WSAGetLastError
WSAStartup
socket
WSAAsyncSelect
listen
gethostbyname
inet_addr
connect
recv
send
WSACloseEvent
accept
WSAWaitForMultipleEvents
WSAEventSelect
WSACreateEvent
WSACleanup
closesocket
Sections
.text Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE