SecuriteInfo[.]com[.]Win32[.]TrojanX-gen[.]13764[.]14744[.]exe | Triage

Sharing

General

Target

SecuriteInfo.com.Win32.TrojanX-gen.13764.14744.exe
Size

3.0MB
MD5

f99f4ee77fe954b37a79ebd2f2632a92
SHA1

46326d7b4e3874c31a669ce97c5250e44682e009
SHA256

d3c4150f1ec4bf5df0fb130924be8e9ac7c6cb1ed510173f9d09eb3ada3e5a11
SHA512

d33cbeb1a6b234d6afaac98879a5526c8afe489d041b3cc8ef602ee927cf4ebcdac6cc27d5e4eaba992c1262f6014e011b4c048a07838580d01aa02ac2b6775d
SSDEEP

24576:8oxI3KN2sTg2Pgk1WCWRCnqXfEYJS+a/6Ycsqq9kl5vsgrfCVYbc2gvOaDORrh1a:gKH3PgaWcn4/aTc3brs1yR1m8Xm7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.TrojanX-gen.13764.14744.exe

Files

SecuriteInfo.com.Win32.TrojanX-gen.13764.14744.exe
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 573KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

imizdfet
Size: 2.4MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qymxgezc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE