SecuriteInfo[.]com[.]BScope[.]Trojan[.]Downloader[.]4780[.]10287[.]exe

General

Target

SecuriteInfo.com.BScope.Trojan.Downloader.4780.10287.exe
Size

1.2MB
MD5

9417807bf427246ed57fccbd9d44715d
SHA1

5861dd833335c232d8f96f86d2a8ec651990e97f
SHA256

69ac849e8911291d46e20b52c9d65445b477d99573208218e9b4cb09a904050b
SHA512

520ad7eedd3a71ec4f09d4dfbe7359d608f967afac0e9a1295ee3cfb81531df0f11ab7c53feafdfcefbdac94092606cf031fe28436b82f669a59beb7eb6065cf
SSDEEP

1536:j1QG/orN3qeWSiAzTamUw4mDMcLQfkjy6c9qdDSNTwegY0xRCkU3n6eo3P9TE0px:RR/MWZAvMw4yfQMcUddM36RBiUv1B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.BScope.Trojan.Downloader.4780.10287.exe

Files

SecuriteInfo.com.BScope.Trojan.Downloader.4780.10287.exe
.exe windows:4 windows x86 arch:x86

3b2530a5792034a7a49cbd779820c9c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetCommandLineA
GetStartupInfoA
lstrlenA
lstrcpynA
_lopen
SizeofResource
LoadResource
FindResourceA
FindClose
CopyFileA
CreateDirectoryA
MultiByteToWideChar
LockResource
_lcreat
_lwrite
_lclose
FreeResource
DeleteFileA
MoveFileA
WritePrivateProfileStringA
WinExec
GetPrivateProfileStringA
lstrcpyA
lstrcatA
LocalAlloc
FindFirstFileA
LocalFree

user32

SetFocus
CheckRadioButton
GetWindowTextA
CheckDlgButton
IsDlgButtonChecked
SetDlgItemTextA
GetDlgItemTextA
SendDlgItemMessageA
PostMessageA
GetParent
SendMessageA
SetWindowLongA
GetDlgItem
EnableWindow
FindWindowA
MessageBoxA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

comctl32

PropertySheetA

shell32

SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderLocation

ole32

CoCreateInstance
CoInitialize
CoUninitialize

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b2530a5792034a7a49cbd779820c9c9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

shell32

ole32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB