SecuriteInfo[.]com[.]Trojan[.]Win64[.]Krypt[.]22458[.]12397[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Win64.Krypt.22458.12397.exe
Size

862KB
MD5

0cf5030c9a297b27209f709adfe9fbf4
SHA1

7729225027bc2e541730844706671af4f92f537a
SHA256

ebb81c4597db39a4f3f1eb518eec00c46db22fffda0ca8c3236b5d8d56cc17cd
SHA512

9f46750c247a57a6a298ce242adba77f30634f2135bdd2c2e252bfd0e805fb28a9d47b83e11e16632c27845aa416de7ea89b19fb75d33c5c517e58578b895c39
SSDEEP

24576:hgZSDbofbDmWHcDwcWbU5X/55Hou5hZGKYnOiG:90mWHc83b+55HBKnOiG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Win64.Krypt.22458.12397.exe

Files

SecuriteInfo.com.Trojan.Win64.Krypt.22458.12397.exe
.exe windows:6 windows x64 arch:x64

d6bde9231b7a0f9bfc8f18efefaa410f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\epic\source\repos\autoclicker\x64\Release\autoclicker.pdb

Imports

d3d11

D3D11CreateDeviceAndSwapChain

d3dcompiler_47

D3DCompile

winmm

PlaySoundA

kernel32

QueryPerformanceCounter
CreateThread
GetModuleHandleA
GetConsoleWindow
GetModuleFileNameA
Process32First
WriteProcessMemory
GetConsoleScreenBufferInfo
SetPriorityClass
SetConsoleTitleA
GetCurrentProcess
SetConsoleScreenBufferSize
GetStdHandle
SetConsoleMode
GetConsoleCursorInfo
TerminateProcess
OpenProcess
CreateToolhelp32Snapshot
GetConsoleMode
GetLastError
SetConsoleCursorInfo
CloseHandle
ReadProcessMemory
CreateProcessA
VirtualQueryEx
GetProcAddress
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
QueryPerformanceFrequency
GlobalUnlock
WideCharToMultiByte
GlobalLock
GlobalFree
GlobalAlloc
MultiByteToWideChar
InitializeSListHead
LocalFree
FormatMessageA
Process32Next

user32

GetCapture
ClientToScreen
GetClipboardData
SetWindowPos
GetKeyNameTextA
SetWindowLongA
GetWindowLongA
MapVirtualKeyA
IsChild
DestroyWindow
GetWindowTextA
DefWindowProcA
CreateWindowExA
PeekMessageA
UnregisterClassA
PostQuitMessage
RegisterClassExA
UpdateWindow
GetMessageA
DispatchMessageA
CallNextHookEx
WindowFromPoint
ShowWindow
GetAsyncKeyState
GetCursorInfo
SetWindowsHookExA
UnhookWindowsHookEx
TranslateMessage
SendMessageA
FindWindowA
SendInput
GetKeyState
LoadCursorA
ScreenToClient
GetForegroundWindow
CloseClipboard
SetClipboardData
OpenClipboard
GetCursorPos
SetCursorPos
ReleaseCapture
GetClientRect
SetCursor
SetCapture
EmptyClipboard

imm32

ImmReleaseContext
ImmGetContext
ImmSetCompositionWindow

xinput1_4

ord2
ord4

msvcp140

?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Xlength_error@std@@YAXPEBD@Z
_Query_perf_frequency
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
_Thrd_sleep
_Query_perf_counter
_Xtime_get_ticks
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Xout_of_range@std@@YAXPEBD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Winerror_map@std@@YAHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Random_device@std@@YAIXZ
?_Syserror_map@std@@YAPEBDH@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
__C_specific_handler
memmove
memcpy
__current_exception_context
memcmp
_CxxThrowException
__current_exception
__std_exception_copy
__std_exception_destroy
strstr
__std_terminate
memchr

api-ms-win-crt-stdio-l1-1-0

_fseeki64
fsetpos
ungetc
fgetpos
_get_stream_buffer_pointers
ftell
fgetc
fputc
__p__commode
_set_fmode
__acrt_iob_func
__stdio_common_vsscanf
fread
__stdio_common_vsprintf
_wfopen
fwrite
fflush
fseek
fclose
setvbuf

api-ms-win-crt-string-l1-1-0

toupper
strcmp
strncpy

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-heap-l1-1-0

_callnewh
_set_new_mode
free
malloc

api-ms-win-crt-convert-l1-1-0

strtol
atof

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
_c_exit
_register_thread_local_exe_atexit_callback
_exit
_initterm_e
exit
system
_initterm
_get_initial_narrow_environment
_set_app_type
_seh_filter_exe
_errno
_cexit
_crt_atexit
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

fmodf
log2f
sqrtf
sinf
acosf
atan2f
cosf
__setusermatherr
pow
powf
floorf
ceilf

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 280KB - Virtual size: 279KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 566KB - Virtual size: 565KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6bde9231b7a0f9bfc8f18efefaa410f

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

d3d11

d3dcompiler_47

winmm

kernel32

user32

imm32

xinput1_4

msvcp140

vcruntime140_1

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 280KB - Virtual size: 279KB

.rdata Size: 566KB - Virtual size: 565KB

.data Size: 2KB - Virtual size: 13KB

.pdata Size: 12KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 412B

.text
Size: 280KB - Virtual size: 279KB

.rdata
Size: 566KB - Virtual size: 565KB

.data
Size: 2KB - Virtual size: 13KB

.pdata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 412B