c:\LockOnSetup\SetupFix1.12\ReleaseEng\SetupFix1.12.pdb
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Malware-Cryptor.2LA.gen.4973.32615.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Malware-Cryptor.2LA.gen.4973.32615.exe
Resource: win10v2004-20240426-en
General
Target: SecuriteInfo.com.Malware-Cryptor.2LA.gen.4973.32615.exe
Size: 43.5MB
MD5: a168840844abc99e5e75d57e4de94ac2
SHA1: e41d42e992d44fec93456ce66037f42fa2ec42e8
SHA256: e0a62be50d2ce4d50cb324126003c5a0bbe409eff46fca20e2f19f3f75d2b4e6
SHA512: 0f80ee6fafecda00e1739bdb90383ce1ea82cced77a02e1622c142daca878f43ef397f9f07a2fea25e0dbbd812ae5f54650986ee1d0f4a5850f4a7648ff72282
SSDEEP: 786432:QmRWC5RcvGKG6XgAWjoskbzeXyv4gHS7kM/Kp2uLWVv7ucfqxuKbG8psB/3N6ODC:/RWCoeOOkbzeXyv4cvAvKcfqVbG8paQ3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Malware-Cryptor.2LA.gen.4973.32615.exe
Files
SecuriteInfo.com.Malware-Cryptor.2LA.gen.4973.32615.exe.exe windows:4 windows x86 arch:x86
d198a7d79b612d6bfc15148eee852b0f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
comctl32
PropertySheetA
CreatePropertySheetPageA
kernel32
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
CreateFileA
SetEndOfFile
MultiByteToWideChar
SetFileTime
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemInfo
VirtualProtect
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
LoadLibraryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
VirtualQuery
InterlockedExchange
GetCPInfo
SetCurrentDirectoryA
GetModuleFileNameA
MoveFileA
GetModuleHandleA
MoveFileExA
GetFileAttributesA
RemoveDirectoryA
GetStringTypeW
DeleteFileA
CreateDirectoryA
GetLastError
CloseHandle
GetLocaleInfoA
GetOEMCP
GetACP
InitializeCriticalSection
HeapSize
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
ReadFile
WriteFile
SetFilePointer
ExitProcess
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
RtlUnwind
RaiseException
SetFileAttributesA
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
GetProcAddress
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
IsBadWritePtr
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
user32
TranslateMessage
DrawTextA
PeekMessageA
LoadBitmapA
SetWindowTextA
GetWindowLongA
SetWindowLongA
GetDlgItem
EnableWindow
PostMessageA
BeginPaint
DispatchMessageA
EndPaint
SetDlgItemTextA
MessageBoxA
LoadStringA
SystemParametersInfoA
GetDC
ReleaseDC
GetDesktopWindow
GetWindowRect
CopyRect
OffsetRect
SetWindowPos
SendMessageA
GetParent
gdi32
CreateCompatibleDC
SelectObject
BitBlt
SetBkMode
SetTextColor
DeleteObject
GetDeviceCaps
CreateFontIndirectA
GetObjectA
advapi32
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
shell32
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderPathA
Sections
.text Size: 84KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 476KB - Virtual size: 474KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ