SecuriteInfo[.]com[.]Riskware[.]Application[.]21846[.]29869[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Riskware.Application.21846.29869.exe
Size

17.0MB
MD5

872579349de6ea7730ec09796bb5b652
SHA1

6c90a49abdd3a3be33e4fa800668c41c597faccb
SHA256

75f3977c89e871fbf7312242e59c9a16d1e4c3b7ae8a4d187af3c46ca29fba5c
SHA512

2ecd96c97253925505174bb4a2510beb870147f1ef258604a1c961ef43ac73856d726d02459ebaecfd4c11f29720750c5c8e30fb2ebc978942e113e222b90b94
SSDEEP

393216:YrvRCMoigraBag/XvHH4X6GaMek2xCL+kPaWFkod+AhC+:Q8MLna+4Xzoyi2Dkod+AJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
SecuriteInfo.com.Riskware.Application.21846.29869.exe

Files

SecuriteInfo.com.Riskware.Application.21846.29869.exe
.exe windows:5 windows x86 arch:x86

b89d06d723c943dba6353e5b3ff87198

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetGetConnectedState

hid

HidD_FlushQueue

setupapi

SetupDiEnumDeviceInterfaces

kernel32

GetVersionExW
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

EqualRect
CharUpperBuffW

gdi32

PtVisible

msimg32

TransparentBlt

winspool.drv

ClosePrinter

advapi32

OpenProcessToken

shell32

CommandLineToArgvW

comctl32

ImageList_ReplaceIcon

shlwapi

PathFileExistsW

uxtheme

SetWindowTheme

ole32

CoRevokeClassObject

oleaut32

SafeArrayCreate

oledlg

OleUIBusyW

gdiplus

GdipDeleteCustomLineCap

sensapi

IsNetworkAlive

netapi32

Netbios

oleacc

AccessibleObjectFromWindow

imm32

ImmAssociateContext

winmm

PlaySoundW

ws2_32

shutdown

Sections

.text
Size: - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.?wr
Size: - Virtual size: 11.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.PG)
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Ir$
Size: 16.6MB - Virtual size: 16.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 347KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b89d06d723c943dba6353e5b3ff87198

Headers

DLL Characteristics

File Characteristics

Imports

wininet

hid

setupapi

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

uxtheme

ole32

oleaut32

oledlg

gdiplus

sensapi

netapi32

oleacc

imm32

winmm

ws2_32

Sections

.text Size: - Virtual size: 5.1MB

.rdata Size: - Virtual size: 1.5MB

.data Size: - Virtual size: 360KB

.?wr Size: - Virtual size: 11.7MB

.PG) Size: 5KB - Virtual size: 4KB

.Ir$ Size: 16.6MB - Virtual size: 16.6MB

.reloc Size: 1KB - Virtual size: 1KB

.rsrc Size: 347KB - Virtual size: 347KB

.text
Size: - Virtual size: 5.1MB

.rdata
Size: - Virtual size: 1.5MB

.data
Size: - Virtual size: 360KB

.?wr
Size: - Virtual size: 11.7MB

.PG)
Size: 5KB - Virtual size: 4KB

.Ir$
Size: 16.6MB - Virtual size: 16.6MB

.reloc
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 347KB - Virtual size: 347KB