SecuriteInfo[.]com[.]Trojan-Downloader[.]Win32[.]Agent[.]17829[.]26584[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan-Downloader.Win32.Agent.17829.26584.exe
Size

1.5MB
MD5

e8fb90a61ea453015893f6622fe782d9
SHA1

e5ef00070b2b3e8926e243ee030d9b8654300e7f
SHA256

724747836d7815f1003472a3caeb8a81d39a9c6cc7d8e7845795d5a32079f4b9
SHA512

762e3f9754ad5108e46df54bbbf4f09f9fe4c0c32faba25b970946f188b5a9eb5b8d174e9cd7bd25d6d9250c76d98102cb8f6de8dafa0cb2bc27d1ec6c36d078
SSDEEP

24576:IrcHBaY4+mty3KTtXOngaGf4Np8pgxmH9z99hxccgQ:iYFUy6TtegaGfwp8pMmHJ998c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan-Downloader.Win32.Agent.17829.26584.exe

Files

SecuriteInfo.com.Trojan-Downloader.Win32.Agent.17829.26584.exe
.exe windows:4 windows x86 arch:x86

9bbf25f270065f55f3be1ef16499162d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
free
realloc
memset
memmove
memcpy
memcmp
strlen
exit
fflush
sprintf
swprintf
qsort
ceil
floor
pow
sin
cos
tan
asin
acos
atan
atan2
ldexp
frexp
log10
log
sqrt
fabs
fmod
_setmode
_fileno
__iob_func
_strnicmp
_beginthreadex
_endthreadex
_wcsupr
_wrename
wcslen

kernel32

GetCommandLineW
SetErrorMode
SetUnhandledExceptionFilter
GetStdHandle
WriteFile
LocalFree
WideCharToMultiByte
SetConsoleTitleA
VirtualAlloc
VirtualFree
AllocConsole
FreeConsole
WriteConsoleW
GetConsoleMode
GetCurrentDirectoryW
SetCurrentDirectoryW
GetEnvironmentStringsW
GetEnvironmentVariableW
SetEnvironmentVariableW
FreeEnvironmentStringsW
FileTimeToSystemTime
GetSystemTimeAsFileTime
GetSystemTime
GetLocalTime
GetTimeZoneInformation
Sleep
lstrlenW
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
CreatePipe
CreateFileW
CloseHandle
ReadFile
SetHandleInformation
GetLastError
MultiByteToWideChar
SetFilePointer
GetVersionExA
SetConsoleTextAttribute
SetConsoleCursorPosition
GetConsoleScreenBufferInfo
FillConsoleOutputCharacterW
FillConsoleOutputAttribute
SwitchToThread
TerminateThread
GetCurrentThreadId
GetExitCodeThread
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
GetFileAttributesW
GetFileAttributesExW
CreateFileA
CreateDirectoryW
DeleteFileW
RemoveDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetFileSize
GetLogicalDriveStringsW
GlobalSize
GetNativeSystemInfo
GetCurrentProcessId
GetModuleHandleW
GetVersionExW
LoadLibraryA
FreeLibrary
GetProcAddress
GetConsoleWindow
QueryPerformanceFrequency
QueryPerformanceCounter

shell32

CommandLineToArgvW
ShellExecuteW
DragQueryFileW
SHBrowseForFolderW
SHGetPathFromIDListW

ole32

CoInitializeEx
CoCreateInstance
CLSIDFromProgID
StgCreateDocfile
CreateStreamOnHGlobal
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
VariantInit
SafeArrayCreateVector
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy

rpcrt4

UuidFromStringA

gdiplus

GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipCreateHICONFromBitmap
GdipScaleWorldTransform
GdipDeleteStringFormat
GdipCreateStringFormat
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipCreateFontFromDC
GdipDeleteFont
GdipSetTextRenderingHint
GdipDrawImageRectI
GdipCreateFromHDC
GdipDeleteGraphics
GdipFillRectangleI
GdipCreateSolidFill
GdipDeleteBrush
GdipDrawString
GdipMeasureString

gdi32

CreateBitmap
GetObjectW
CreateRectRgn
GetTextExtentPoint32W
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
BitBlt
SelectObject
GetDeviceCaps
SetTextColor
SetBkColor
SetBkMode
GetStockObject
CreateSolidBrush
SetDCBrushColor
DeleteObject
CreateFontIndirectW
CreateFontW

advapi32

CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptGenRandom

user32

SendMessageW
GetForegroundWindow
OpenClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
RegisterClipboardFormatA
PeekMessageW
TrackMouseEvent
RedrawWindow
MonitorFromPoint
GetSystemMetrics
GetSysColor
SystemParametersInfoW
IsWindowVisible
SetTimer
KillTimer
GetKeyState
GetActiveWindow
SetForegroundWindow
SetWindowRgn
SetFocus
SetCapture
ReleaseCapture
SetLayeredWindowAttributes
UpdateLayeredWindow
GetWindowThreadProcessId
DrawTextW
GetDC
GetWindowDC
ReleaseDC
BeginPaint
EndPaint
MapWindowPoints
MapVirtualKeyW
ToUnicode
GetKeyboardState
GetSysColorBrush
RegisterClassExW
UnregisterClassW
LoadCursorW
SetCursor
CreateWindowExW
SetScrollInfo
GetScrollInfo
ShowScrollBar
ShowWindow
UpdateWindow
EnableWindow
IsWindowEnabled
InvalidateRect
GetParent
GetAncestor
WindowFromPoint
ChildWindowFromPointEx
DefWindowProcW
CallWindowProcW
GetMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
PostMessageW
GetMessagePos
SetWindowLongW
GetWindowLongW
GetClassInfoExW
GetWindowRect
GetClientRect
GetDesktopWindow
FillRect
AdjustWindowRectEx
BringWindowToTop
BeginDeferWindowPos
EndDeferWindowPos
DeferWindowPos
SetWindowPos
SetWindowTextW
CreateMenu
CreatePopupMenu
InsertMenuItemW
GetMenuItemInfoW
TrackPopupMenuEx
ClientToScreen
ScreenToClient
SetParent
DestroyMenu
SetMenu
GetMenu
DestroyWindow
LoadIconW
GetCapture
GetTabbedTextExtentW
CreateCaret
DestroyCaret
SetCaretPos
PrintWindow
GetGestureInfo
GetCaretBlinkTime

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

msimg32

AlphaBlend

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_Destroy
ImageList_Add
LBItemFromPt

d3d11

D3D11CreateDevice

imm32

ImmGetContext
ImmReleaseContext
ImmSetCompositionWindow
ImmSetCompositionFontW

uxtheme

OpenThemeData
CloseThemeData
IsThemeActive
GetThemeSysFont
SetWindowTheme

dwmapi

DwmSetWindowAttribute

d2d1

D2D1CreateFactory
D2D1MakeRotateMatrix
D2D1MakeSkewMatrix
D2D1InvertMatrix

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 246KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9bbf25f270065f55f3be1ef16499162d

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

shell32

ole32

oleaut32

rpcrt4

gdiplus

gdi32

advapi32

user32

comdlg32

msimg32

comctl32

d3d11

imm32

uxtheme

dwmapi

d2d1

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.data Size: 246KB - Virtual size: 246KB

.rdata Size: 7KB - Virtual size: 7KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 246KB - Virtual size: 246KB

.rdata
Size: 7KB - Virtual size: 7KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 17KB - Virtual size: 16KB