Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.TrojanX-gen.10998.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.TrojanX-gen.10998.exe
Resource
win10v2004-20240226-en
General
Target
SecuriteInfo.com.Win32.TrojanX-gen.10998.27573
Size
67KB
MD5
abb094354dfc0d3301195dbce5818d0d
SHA1
e1af2adcadfd3682fc6f7e400bc1ae00c8ac54a1
SHA256
5dc124b58c8844d7300c1f2fececad54bea84cf930443e3639cbe669367e692c
SHA512
cea758a845656bc0d5236222d5153f1d091817261a1de7e8c0ae95360fd2fffdc6ecc059cd7834a3612c5d038ca85ab02a084905c58a28ae8a68acf88916bdcd
SSDEEP
1536:wKdHN/yjGAMA0+IlzSxDyqPnas96z+XcvjQ/6rnIpFW:wYN/yGAWlz5qPnas96z+XRUnIpFW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Win32.TrojanX-gen.10998.27573
Files
SecuriteInfo.com.Win32.TrojanX-gen.10998.27573.exe windows:4 windows x86 arch:x86
952b4a312ae4a10956b144111c92b824
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcr80
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
vswprintf_s
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
swprintf_s
sscanf
_encoded_null
__FrameUnwindFilter
__winitenv
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_crt_debugger_hook
kernel32
ReadFile
CreateFileA
CloseHandle
GetVersion
GetPrivateProfileIntA
DeviceIoControl
WriteFile
GetCurrentProcess
GetModuleFileNameW
GetLastError
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
Sleep
GetPrivateProfileStringA
advapi32
CryptReleaseContext
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptDestroyHash
msvcm80
?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ