SecuriteInfo[.]com[.]Program[.]Unwanted[.]5511[.]6761[.]30518[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Program.Unwanted.5511.6761.30518.exe
Size

7.3MB
MD5

b6bbef382e492055b9425d6690d21603
SHA1

d07e297271a423334d9ae84545dc9388e7c1c68d
SHA256

6535e4aaa30f73c1f02a4d396a9a651fdc0aad1db9660e260f6f0f1cd7595b47
SHA512

13a522790a342f08dca7abb574a970331577d849584daaf8583429bd5042ffdea1c06272bd03f2e9ade9f7bc7706120e06bf52c20eed32ba6fe673d6ee7fe6a5
SSDEEP

98304:qDYtAK8acxE8Bx+mANFPGJJ+lEYsX+B3jN3Vg182imiK5EC5QSg+:1t1B0oFP+clTjB3dS189bK5jKY

Score

1^/10

Malware Config

Signatures

Files

SecuriteInfo.com.Program.Unwanted.5511.6761.30518.exe
.exe windows:6 windows x86 arch:x86

96ae2ed79ffb9010a489a016851887b3

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7f:16:e0:36:27:7b:43:f3:e5:8c:3c:a8
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

18-10-2023 12:27

Not After

18-10-2024 12:27

Subject

SERIALNUMBER=1086168004669,CN=ОБЩЕСТВО С ОГРАНИЧЕННОЙ ОТВЕТСТВЕННОСТЬЮ РОСТПЭЙ,O=ОБЩЕСТВО С ОГРАНИЧЕННОЙ ОТВЕТСТВЕННОСТЬЮ РОСТПЭЙ,STREET=ПЕР. ДОЛОМАНОВСКИЙ\, Д.70 К.Д\, КВ.1(10 ЭТАЖ),L=Ростов-на-Дону,ST=Ростовская область,C=RU,1.2.840.113549.1.9.1=#0c12737570706f727440726f73747061792e7275,1.3.6.1.4.1.311.60.2.1.2=#130d526f73746f76204f626c617374,1.3.6.1.4.1.311.60.2.1.3=#13025255,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:e9:2b:d2:f1:1e:d0:11:2a:87:56:54:fb:18:d1:fa:fd:55:4a:53:42:37:25:05:6e:3a:38:86:23:e3:29:6a
Signer

Actual PE Digest

62:e9:2b:d2:f1:1e:d0:11:2a:87:56:54:fb:18:d1:fa:fd:55:4a:53:42:37:25:05:6e:3a:38:86:23:e3:29:6a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

bcrypt

BCryptCreateHash
BCryptFinishHash
BCryptEncrypt
BCryptCloseAlgorithmProvider
BCryptHashData
BCryptOpenAlgorithmProvider
BCryptDestroyHash
BCryptGenRandom
BCryptDestroyKey
BCryptDeriveKeyPBKDF2
BCryptSetProperty
BCryptGetProperty
BCryptGenerateSymmetricKey

winhttp

WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpSendRequest
WinHttpSetOption
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpConnect
WinHttpCloseHandle
WinHttpOpen

kernel32

WaitForSingleObjectEx
GetFileInformationByHandleEx
AreFileApisANSI
SetFileInformationByHandle
SetEndOfFile
GetFullPathNameW
FindFirstFileExW
CreateDirectoryW
GetCurrentDirectoryW
FormatMessageA
GetStringTypeW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
GetUserDefaultUILanguage
EncodePointer
DecodePointer
CompareStringEx
LCMapStringEx
SetThreadLocale
IsBadStringPtrA
IsBadReadPtr
QueryPerformanceFrequency
QueryPerformanceCounter
GetLogicalDriveStringsW
GetDriveTypeW
FindNextFileW
CreateThread
WaitForMultipleObjects
CopyFileW
CreateEventW
SetEvent
GetCPInfo
IsValidCodePage
InitializeCriticalSectionAndSpinCount
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
GetNativeSystemInfo
GetVersionExW
IsDebuggerPresent
GetEnvironmentVariableW
OutputDebugStringW
GetTempFileNameW
GetLongPathNameW
FindFirstFileW
FindClose
GetCurrentProcessId
GetTempPathW
GetCommandLineW
RtlUnwind
LoadLibraryExW
ExitThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentThread
Sleep
TryEnterCriticalSection
RaiseException
GetSystemTimeAsFileTime
CreateMutexW
GetThreadLocale
GetLocaleInfoW
GetACP
EnumResourceNamesW
FormatMessageW
SetErrorMode
SetCurrentDirectoryW
GlobalFree
GlobalHandle
GlobalSize
GlobalLock
GlobalUnlock
GlobalAlloc
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LoadLibraryW
FreeLibrary
GetCurrentThreadId
ExitProcess
SetLastError
MulDiv
ReadConsoleOutputCharacterA
SetConsoleCursorPosition
InitializeSRWLock
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
WriteConsoleW
WriteConsoleA
AttachConsole
FreeConsole
GetStdHandle
GetModuleFileNameW
WideCharToMultiByte
SetFilePointerEx
ReadFile
GetFileTime
GetFileSizeEx
LocalFree
GetTickCount
WriteFile
GetFileType
CreateFileW
GetFileAttributesW
SetFileAttributesW
GetFileAttributesExW
DeleteFileW
MoveFileExW
MultiByteToWideChar
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
QueryFullProcessImageNameW
OpenProcess
TerminateProcess
FindResourceW
SizeofResource
LockResource
LoadResource
ExpandEnvironmentStringsW
GetProcAddress
GetModuleHandleW
IsWow64Process
CreateProcessW
GetCurrentProcess
WaitForSingleObject
GetLastError
CloseHandle
FreeLibraryAndExitThread
GetTimeZoneInformation
SetStdHandle
FlushFileBuffers
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
HeapFree
HeapReAlloc
HeapAlloc
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetCommandLineA
GetProcessHeap
IsProcessorFeaturePresent
HeapSize

user32

CreateAcceleratorTableW
DestroyCursor
SetMenuItemInfoW
InsertMenuItemW
SetMenuInfo
RemoveMenu
ModifyMenuW
AppendMenuW
InsertMenuW
GetSubMenu
DestroyMenu
CreatePopupMenu
CreateMenu
GetMenuState
ValidateRect
PostThreadMessageW
GetMessageW
GetClassNameW
MessageBeep
GetWindowTextW
SetActiveWindow
HideCaret
GetWindowTextLengthW
DestroyAcceleratorTable
IsMenu
GetComboBoxInfo
DrawIconEx
SetRectEmpty
SetRect
DrawStateW
DestroyIcon
DrawFocusRect
DrawTextW
CreateIconIndirect
GetWindowDC
BeginPaint
EndPaint
UnionRect
GetDesktopWindow
ChildWindowFromPoint
DrawEdge
DrawFrameControl
CheckMenuItem
GetMenuItemID
CheckMenuRadioItem
RegisterClipboardFormatW
GetClipboardFormatNameW
wsprintfW
ChangeDisplaySettingsExW
EnumDisplaySettingsW
MonitorFromPoint
EnumDisplayMonitors
TranslateAcceleratorW
GetDoubleClickTime
GetCaretBlinkTime
ValidateRgn
keybd_event
IsRectEmpty
GetIconInfo
SetTimer
LoadIconW
LoadBitmapW
FindWindowExW
SetMenu
PostMessageW
RegisterWindowMessageW
GetMonitorInfoW
MonitorFromWindow
GetSysColorBrush
CopyRect
SetWindowRgn
GetDlgItem
CreateDialogParamW
SystemParametersInfoW
GetScrollInfo
SetScrollInfo
IsDialogMessageW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
SetParent
GetParent
PtInRect
InflateRect
FillRect
GetSysColor
ChildWindowFromPointEx
WindowFromPoint
MapWindowPoints
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
GetWindowRect
GetClientRect
EnableScrollBar
ScrollWindow
RedrawWindow
InvalidateRect
IsClipboardFormatAvailable
AdjustWindowRectEx
ShowCursor
DdeInitializeW
DdeUninitialize
DdeConnect
DdeDisconnect
DdePostAdvise
DdeNameService
DdeClientTransaction
DdeCreateDataHandle
DdeGetData
DdeFreeDataHandle
DdeGetLastError
DdeCreateStringHandleW
DdeQueryStringW
DdeFreeStringHandle
GetUpdateRgn
UpdateWindow
GetMenuItemInfoW
TrackPopupMenu
GetMenuItemCount
GetSystemMetrics
IsWindowEnabled
EnableWindow
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyW
VkKeyScanW
GetAsyncKeyState
GetFocus
GetActiveWindow
SetFocus
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
AnimateWindow
IsWindow
CallWindowProcW
PostQuitMessage
MsgWaitForMultipleObjects
GetMessageTime
GetMessagePos
UnregisterHotKey
RegisterHotKey
PeekMessageW
DispatchMessageW
TranslateMessage
ReleaseDC
GetDC
SetWindowLongW
GetWindowLongW
SetWindowTextW
SetForegroundWindow
EnableMenuItem
GetSystemMenu
DrawMenuBar
GetDialogBaseUnits
CreateDialogIndirectParamW
IsZoomed
BringWindowToTop
KillTimer
LoadImageW
IsIconic
GetWindowPlacement
SetWindowPos
MoveWindow
FlashWindowEx
SetLayeredWindowAttributes
ShowWindow
DestroyWindow
CreateWindowExW
DefWindowProcW
SendMessageW
LoadCursorW
GetProcessDefaultLayout
MessageBoxW
UnregisterClassW
RegisterClassW
GetKeyState
OffsetRect

gdi32

SetPolyFillMode
StretchBlt
StretchDIBits
SetROP2
SetStretchBltMode
GetWorldTransform
SetWorldTransform
ModifyWorldTransform
ExtTextOutW
CreatePolygonRgn
DPtoLP
LPtoDP
Polygon
Polyline
PolyBezier
SetViewportExtEx
SetWindowExtEx
SetWindowOrgEx
GetBkColor
LineTo
MoveToEx
GetTextExtentPoint32W
CombineRgn
EqualRgn
GetRgnBox
PtInRegion
RectInRegion
CreatePalette
GetNearestPaletteIndex
SetPixel
CreateRectRgnIndirect
GetCharABCWidthsW
GetTextExtentExPointW
CreateICW
CreateDIBitmap
GetDIBits
CreateDIBSection
GetDIBColorTable
SetDIBColorTable
CreateDCW
GetSystemPaletteEntries
SetViewportOrgEx
CloseEnhMetaFile
CreateEnhMetaFileW
DeleteEnhMetaFile
GetEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
EnumFontFamiliesExW
SetAbortProc
StartDocW
EndDoc
StartPage
EndPage
GetLayout
SetLayout
SetMapMode
SetGraphicsMode
ExtSelectClipRgn
RoundRect
SelectClipRgn
Rectangle
PolyPolygon
Pie
MaskBlt
GetPixel
GetObjectType
GetClipBox
ExtFloodFill
Ellipse
Arc
ExtCreatePen
CreatePen
CreateFontIndirectW
DeleteObject
GetDeviceCaps
GetOutlineTextMetricsW
SelectObject
GetTextMetricsW
CreateRectRgn
ExcludeClipRect
RealizePalette
SetBrushOrgEx
SelectPalette
GdiFlush
ExtCreateRegion
GetRegionData
OffsetRgn
GetObjectW
BitBlt
CreateBitmap
CreateBitmapIndirect
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
SetBkColor
SetBkMode
SetTextColor
CreateSolidBrush
GetGraphicsMode
GetViewportExtEx
GetWindowExtEx
CreateHatchBrush
GetPaletteEntries
GetStockObject
CreatePatternBrush

comdlg32

GetOpenFileNameW
PageSetupDlgW
PrintDlgW
CommDlgExtendedError
ChooseFontW
GetSaveFileNameW

winspool.drv

GetPrinterW
DocumentPropertiesW
ClosePrinter
OpenPrinterW

shell32

SHGetFolderPathW
CommandLineToArgvW
ord6
SHGetFileInfoW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetMalloc
ExtractIconExW
ExtractIconW
DragAcceptFiles
DragFinish
DragQueryPoint
DragQueryFileW
SHGetKnownFolderPath
ShellExecuteExW
ShellExecuteW

shlwapi

SHAutoComplete
PathMatchSpecW
AssocQueryStringW

comctl32

ImageList_SetDragCursorImage
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_ReplaceIcon
ImageList_Copy
ImageList_GetImageInfo
ImageList_GetIconSize
ImageList_Remove
ImageList_Replace
ImageList_Draw
ImageList_SetBkColor
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
ord16
ord17

ole32

CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
RevokeDragDrop
OleSetContainedObject
CoUninitialize
OleRun
OleLockRunning
CoLockObjectExternal
RegisterDragDrop
ReleaseStgMedium
OleSetClipboard
OleGetClipboard
OleFlushClipboard
OleIsCurrentClipboard
OleUninitialize

oleaut32

SysFreeString
SafeArrayCreate
SafeArrayDestroy
SafeArrayPtrOfIndex
VariantInit
SysStringLen
VariantClear
SafeArrayUnlock
SafeArrayLock
VarBstrFromCy
SafeArrayGetVartype
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString

rpcrt4

UuidToStringW
RpcStringFreeW

advapi32

GetUserNameW
RegEnumValueW
RegEnumKeyW
RegDeleteKeyW
GetSecurityInfo
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegCreateKeyExW
RegCloseKey
FreeSid
CheckTokenMembership
AllocateAndInitializeSid

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

oleacc

LresultFromObject

uxtheme

GetThemeMargins
GetCurrentThemeName
GetThemeBackgroundExtent
IsThemePartDefined
SetWindowTheme
GetThemeSysFont
GetThemeSysColor
GetThemeInt
GetThemePartSize
GetThemeFont
IsAppThemed
IsThemeActive
CloseThemeData
DrawThemeParentBackground
GetThemeColor
IsThemeBackgroundPartiallyTransparent
GetThemeBackgroundContentRect
DrawThemeBackground
OpenThemeData

msimg32

AlphaBlend
GradientFill

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 547KB - Virtual size: 546KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 351KB - Virtual size: 351KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96ae2ed79ffb9010a489a016851887b3

Code Sign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

7f:16:e0:36:27:7b:43:f3:e5:8c:3c:a8Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

62:e9:2b:d2:f1:1e:d0:11:2a:87:56:54:fb:18:d1:fa:fd:55:4a:53:42:37:25:05:6e:3a:38:86:23:e3:29:6aSigner

Headers

DLL Characteristics

File Characteristics

Imports

bcrypt

winhttp

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

shlwapi

comctl32

ole32

oleaut32

rpcrt4

advapi32

version

oleacc

uxtheme

msimg32

Sections

.text Size: 4.5MB - Virtual size: 4.5MB

.rdata Size: 1.8MB - Virtual size: 1.8MB

.data Size: 101KB - Virtual size: 4.3MB

.rsrc Size: 547KB - Virtual size: 546KB

.reloc Size: 351KB - Virtual size: 351KB

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

7f:16:e0:36:27:7b:43:f3:e5:8c:3c:a8
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

62:e9:2b:d2:f1:1e:d0:11:2a:87:56:54:fb:18:d1:fa:fd:55:4a:53:42:37:25:05:6e:3a:38:86:23:e3:29:6a
Signer

.text
Size: 4.5MB - Virtual size: 4.5MB

.rdata
Size: 1.8MB - Virtual size: 1.8MB

.data
Size: 101KB - Virtual size: 4.3MB

.rsrc
Size: 547KB - Virtual size: 546KB

.reloc
Size: 351KB - Virtual size: 351KB