SecuriteInfo[.]com[.]Variant[.]Fragtor[.]476124[.]15136[.]15420[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Fragtor.476124.15136.15420.exe
Size

13.2MB
MD5

ddfc679fbc2111b7ad47b235a4433459
SHA1

fe37a96f81e2033356dff55f1dcb722b10377fdd
SHA256

42fd096b546a3c79cb9d977f7e79ecf6feb39ae106379c9264da1c6ca9ac8226
SHA512

a9cfffc763f72c3c4d7f6c2b1bf24aa5f293a5b6aa9e457cfbd2cff90d6ef842d5a4c6d1857b21ff16ef6eb9f97ac532885b4817955025838d1300d1e9a73aa7
SSDEEP

393216:haPnO/08525SXU5J6h4T/NoQIvyXvPnO/03kwabvPnO/0k/Z/:8PqBXUChIlocvPqUkLPqJB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Variant.Fragtor.476124.15136.15420.exe

Files

SecuriteInfo.com.Variant.Fragtor.476124.15136.15420.exe
.exe windows:6 windows x86 arch:x86

50db59e748543f250c8499434df982bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

CustomSetupTool.pdb

Imports

ntdll

NtEnumerateValueKey
NtOpenKey
RtlDosPathNameToNtPathName_U_WithStatus
RtlConvertSidToUnicodeString
NtQuerySymbolicLinkObject
NtQuerySystemInformationEx
NtOpenProcess
NtSetInformationFile
NtDeleteValueKey
NtQueryAttributesFile
NtQueryDirectoryObject
NtCreateKey
NtCreateFile
NtQueryDirectoryFile
NtSetValueKey
NtQueryValueKey
NtCreateEvent
NtSetEvent
NtReleaseKeyedEvent
NtWaitForKeyedEvent
NtCreateKeyedEvent
RtlUnwind
NtOpenSymbolicLinkObject
NtOpenProcessToken
LdrAccessResource
RtlLeaveCriticalSection
RtlEnterCriticalSection
LdrFindResource_U
RtlExpandEnvironmentStrings_U
NtWaitForSingleObject
RtlCreateSecurityDescriptor
RtlCreateAcl
RtlQueryPerformanceCounter
RtlFindMessage
RtlAddAccessAllowedAce
NtDelayExecution
RtlQueryEnvironmentVariable_U
NtQueryInformationToken
RtlGetFullPathName_UEx
NtQueryPerformanceCounter
RtlFreeUnicodeString
RtlRandomEx
RtlSetDaclSecurityDescriptor
NtCreateDirectoryObject
RtlNtStatusToDosErrorNoTeb
RtlCreateHeap
RtlSetHeapInformation
RtlGetVersion
NtQueryInformationProcess
NtQuerySystemInformation
RtlInterlockedPopEntrySList
RtlUnicodeToUTF8N
RtlFreeHeap
RtlMultiByteToUnicodeSize
RtlMultiByteToUnicodeN
RtlUTF8ToUnicodeN
RtlReAllocateHeap
NtAllocateVirtualMemory
NtCreateThreadEx
RtlUpcaseUnicodeChar
RtlAllocateHeap
NtFreeVirtualMemory
RtlRaiseStatus
RtlInitializeSListHead
RtlInterlockedPushEntrySList
NtQueryMutant
NtQueryInformationFile
NtReadFile
NtWriteFile
NtDeleteKey
NtOpenMutant
NtTerminateProcess
NtClose
NtCreateMutant

kernel32

DecodePointer
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
FindNextFileW
FindFirstFileExW
HeapSize
GetLastError
GetNativeSystemInfo
MoveFileExW
TlsSetValue
TlsAlloc
TlsGetValue
GetLocaleInfoW
MultiByteToWideChar
FormatMessageW
LocalFree
LoadLibraryExW
FreeLibrary
IsProcessorFeaturePresent
FindClose
WideCharToMultiByte
SetFilePointerEx
HeapReAlloc
FlushFileBuffers
GetTimeZoneInformation
SetStdHandle
LCMapStringW
CompareStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetOEMCP
GetACP
IsValidCodePage
GetStringTypeW
GetCPInfo
HeapAlloc
HeapFree
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
GetConsoleOutputCP
WriteFile
GetConsoleMode
CloseHandle
GetFileType
CreateFileW
TlsFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
SetLastError
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
GetProcAddress
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
WriteConsoleW

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 188B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12.8MB - Virtual size: 12.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50db59e748543f250c8499434df982bb

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

kernel32

Sections

.text Size: 248KB - Virtual size: 247KB

.rdata Size: 172KB - Virtual size: 171KB

.data Size: 4KB - Virtual size: 8KB

.didat Size: 4KB - Virtual size: 188B

.rsrc Size: 12.8MB - Virtual size: 12.8MB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 248KB - Virtual size: 247KB

.rdata
Size: 172KB - Virtual size: 171KB

.data
Size: 4KB - Virtual size: 8KB

.didat
Size: 4KB - Virtual size: 188B

.rsrc
Size: 12.8MB - Virtual size: 12.8MB

.reloc
Size: 12KB - Virtual size: 9KB