SecuriteInfo[.]com[.]not-a-virus[.]Downloader[.]Win32[.]Snojan[.]hfau[.]22234[.]14407[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.not-a-virus.Downloader.Win32.Snojan.hfau.22234.14407.exe
Size

1.7MB
MD5

06db3580d9182b9c1564b64c3bf17b4f
SHA1

0936963c4ca26cac9c3fe5914e8527f0047d4712
SHA256

c62241911d2a9500eb1c4fff6b76e781e83f844c74fd22ac305ba8b1ffcc0ecf
SHA512

cc581f7ca25e87a5d27e62cd6dd7ea2982aa5f6475bdd6a75cf9effe3da61b650e8ce0f2415ce4a5aaa4e8e7035185d12cdbd81c24b1b87f518d8d08238e766a
SSDEEP

49152:Nblzh8u8ceYKgdwcyqTM0vfkl1y76JXJe9Y1OkGqYN:NblzhvkYrPvfi1yMhOL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.not-a-virus.Downloader.Win32.Snojan.hfau.22234.14407.exe

Files

SecuriteInfo.com.not-a-virus.Downloader.Win32.Snojan.hfau.22234.14407.exe
.exe windows:6 windows x86 arch:x86

ea768817f2f1a856d06a8e961c14af7d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FlushFileBuffers
CreateProcessW
lstrlenW
GlobalUnlock
GlobalLock
DeleteFileW
GlobalAlloc
GetPrivateProfileStringW
MultiByteToWideChar
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetTimeZoneInformation
HeapReAlloc
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
GetFileType
SetFilePointerEx
GetFileSizeEx
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
FreeLibraryAndExitThread
ExitThread
GetCurrentThreadId
MulDiv
CloseHandle
OutputDebugStringW
GetLastError
CreateFileW
CreateThread
GetFileAttributesExW
LoadLibraryExW
SetLastError
SetEndOfFile
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateIoCompletionPort
PostQueuedCompletionStatus
GetQueuedCompletionStatus
InterlockedExchange
RaiseException
TerminateThread
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
TlsFree
TlsGetValue
TlsAlloc
TlsSetValue
InitializeCriticalSectionAndSpinCount
VirtualQuery
GetStdHandle
GetCurrentProcess
FindClose
InterlockedCompareExchange
FreeLibrary
GetTempPathW
GetEnvironmentVariableW
GetFileSize
CreateDirectoryW
LocalFileTimeToFileTime
SystemTimeToFileTime
ReadFile
SetFilePointer
InterlockedDecrement
InterlockedIncrement
GetCurrentProcessId
GetModuleHandleA
GlobalSize
LoadLibraryW
SizeofResource
LoadResource
FindResourceW
GetCurrentDirectoryW
GlobalFree
GetFileAttributesW
GetTickCount
VerSetConditionMask
VerifyVersionInfoW
GetCPInfo
CompareStringEx
GetStringTypeW
GetLocaleInfoEx
LCMapStringEx
GetProcAddress
GetModuleHandleW
GetSystemTimeAsFileTime
WriteFile
DecodePointer
EncodePointer
QueryPerformanceFrequency
QueryPerformanceCounter
SleepConditionVariableSRW
WideCharToMultiByte
WaitForSingleObjectEx
Sleep
GetExitCodeThread
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
DeleteCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS

user32

IsClipboardFormatAvailable
GetDC
GetClientRect
IsRectEmpty
SetForegroundWindow
SystemParametersInfoW
GetForegroundWindow
AttachThreadInput
ShowWindow
SetWindowPos
GetWindowThreadProcessId
PostQuitMessage
SetClipboardData
LoadIconW
EmptyClipboard
CloseClipboard
OpenClipboard
SendMessageW
GetWindowLongW
ReleaseDC
MonitorFromPoint
OffsetRect
CharNextW
IntersectRect
PtInRect
UnionRect
SetCursor
LoadCursorW
DefWindowProcW
DestroyWindow
UnregisterClassW
WaitMessage
DispatchMessageW
SetTimer
RegisterClassW
PeekMessageW
MsgWaitForMultipleObjectsEx
CallMsgFilterW
GetQueueStatus
TranslateMessage
KillTimer
DrawTextW
GetClassInfoExW
MapWindowPoints
GetDesktopWindow
FindWindowW
InflateRect
MessageBoxW
SetWindowRgn
MonitorFromRect
GetWindowPlacement
IsZoomed
GetClipboardData
GetParent
GetAsyncKeyState
GetSysColor
ClientToScreen
UpdateLayeredWindow
GetUpdateRect
MoveWindow
EndPaint
BeginPaint
ReleaseCapture
SetCapture
GetFocus
GetCursorPos
GetKeyState
ScreenToClient
IsWindowVisible
InvalidateRect
SetWindowTextW
RegisterClassExW
GetPropW
SetPropW
CallWindowProcW
PostMessageW
GetSystemMetrics
IsIconic
MonitorFromWindow
GetMonitorInfoW
GetWindowRect
SetFocus
EnableWindow
SetWindowLongW
IsWindow
GetWindow
CreateWindowExW

advapi32

RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

shell32

SHFileOperationW
ShellExecuteW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

uiautomationcore

UiaHostProviderFromHwnd
UiaClientsAreListening
UiaReturnRawElementProvider
UiaRaiseAutomationEvent
UiaRaiseAutomationPropertyChangedEvent

gdiplus

GdipGetImageHeight
GdipGetImageWidth
GdipCreateHBITMAPFromBitmap
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipAlloc
GdipFree
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipCreateBitmapFromScan0
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateMatrix
GdipDeleteMatrix
GdipGetWorldTransform
GdipTranslateMatrix
GdipRotateMatrix
GdipSetWorldTransform
GdipDrawImage
GdipCreateFromHDC
GdipDrawImageRectRect
GdiplusStartup
GdiplusShutdown
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImagePaletteSize
GdipSetSmoothingMode
GdipCreatePen1
GdipDeletePen
GdipDrawArc
GdipCreateLineBrushFromRect
GdipSetLineBlend
GdipCreatePen2
GdipDrawImageRect
GdipImageRotateFlip
GdipLoadImageFromFile
GdipClonePen
GdipSetPenWidth
GdipGetPenWidth
GdipSetPenColor
GdipSetPenStartCap
GdipSetPenEndCap
GdipSetPenDashCap197819
GdipGetPenStartCap
GdipGetPenEndCap
GdipGetPenDashCap197819
GdipSetPenLineJoin
GdipGetPenLineJoin
GdipSetPenDashStyle
GdipGetPenDashStyle
GdipCreateBitmapFromHBITMAP
GdipCreateTexture
GdipCreatePath
GdipClonePath
GdipResetPath
GdipSetPathFillMode
GdipGetPathFillMode
GdipStartPathFigure
GdipClosePathFigure
GdipAddPathLineI
GdipAddPathLine2I
GdipAddPathBezierI
GdipAddPathCurveI
GdipAddPathRectangleI
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathPieI
GdipAddPathPolygonI
GdipGetPathWorldBoundsI
GdipIsVisiblePathPointI
GdipIsOutlineVisiblePathPointI
GdipTransformPath
GdipDeletePath
GdipFillRectangle
GdipDrawLineI
GdipDrawBezierI
GdipDrawRectangleI
GdipDrawPath
GdipNewInstalledFontCollection
GdipGetFontCollectionFamilyCount
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipDeleteStringFormat
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipDeleteFontFamily
GdipGetFamily
GdipAddPathString
GdipGetFontSize
GdipGetFontStyle
GdipFillPath
GdipDrawString
GdipDrawEllipseI
GdipFillEllipseI
ord1
GdipAddPathLine
GdipCreatePathGradientFromPath
GdipSetPathGradientWrapMode
GdipSetPathGradientPresetBlend
GdipCreateRegionPath
GdipDeleteRegion
GdipScaleMatrix
GdipMeasureString
ord619
ord617
GdipSetClipRegion
ord613
ord614
GdipGetImagePixelFormat

comctl32

ord17
_TrackMouseEvent

shlwapi

PathFileExistsW
PathIsRelativeW

imm32

ImmGetOpenStatus
ImmSetOpenStatus
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

winmm

timeKillEvent
timeSetEvent
timeGetTime

msimg32

AlphaBlend

winhttp

WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpOpen
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpConnect
WinHttpCrackUrl
WinHttpReadData
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpQueryDataAvailable

gdi32

CreateDCW
DeleteObject
GetObjectW
GetStockObject
CreateFontIndirectW
SelectObject
BitBlt
GetDeviceCaps
ExtSelectClipRgn
CreateRectRgnIndirect
GetTextExtentPoint32W
GetObjectA
SetTextColor
SetBkMode
SetStretchBltMode
SetWindowOrgEx
GetWindowOrgEx
RestoreDC
SaveDC
CreateCompatibleDC
StretchBlt
AddFontResourceExW
AddFontMemResourceEx
CreateDIBSection
DeleteDC
GetDIBits
CreateRoundRectRgn

ole32

CreateStreamOnHGlobal
CoCreateInstance

oleaut32

SafeArrayDestroy
SysAllocString
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetElemsize

Sections

.text
Size: 937KB - Virtual size: 937KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 561KB - Virtual size: 561KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea768817f2f1a856d06a8e961c14af7d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

version

uiautomationcore

gdiplus

comctl32

shlwapi

imm32

winmm

msimg32

winhttp

gdi32

ole32

oleaut32

Sections

.text Size: 937KB - Virtual size: 937KB

.rdata Size: 204KB - Virtual size: 204KB

.data Size: 32KB - Virtual size: 37KB

.rsrc Size: 561KB - Virtual size: 561KB

.reloc Size: 51KB - Virtual size: 51KB

.text
Size: 937KB - Virtual size: 937KB

.rdata
Size: 204KB - Virtual size: 204KB

.data
Size: 32KB - Virtual size: 37KB

.rsrc
Size: 561KB - Virtual size: 561KB

.reloc
Size: 51KB - Virtual size: 51KB