Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Win32.TrojanX-gen.20599.28039.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Win32.TrojanX-gen.20599.28039.exe
Resource
win10v2004-20240704-en
General
Target: SecuriteInfo.com.Win32.TrojanX-gen.20599.28039.exe
Size: 67KB
MD5: 52b0702444cb17ca5eca88cb89a3e8dd
SHA1: a77b46d9e306f11267dd05b0ea01d0daed8e877d
SHA256: e25da810a35adcb3923025484671821ffbae7b6ddeebf93de21beb53696d8e71
SHA512: a08f7424e762e44e6194bd5fd7f8e6cd1601b1b09a633f20aeab1fcbcab579eee10658e1aecae532c47653e74075a4b064cc6ec956b01a40440262e96bf4e87a
SSDEEP: 1536:wKdHN/yjGAMA0+IlzSxDyqPnas96z+XcvjQ/6rnIpF5:wYN/yGAWlz5qPnas96z+XRUnIpF5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Win32.TrojanX-gen.20599.28039.exe
Files
SecuriteInfo.com.Win32.TrojanX-gen.20599.28039.exe.exe windows:4 windows x86 arch:x86
952b4a312ae4a10956b144111c92b824
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcr80
_controlfp_s
_invoke_watson
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
vswprintf_s
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__CxxUnregisterExceptionObject
__CxxDetectRethrow
__CxxRegisterExceptionObject
__CxxExceptionFilter
__CxxQueryExceptionSize
swprintf_s
sscanf
_encoded_null
__FrameUnwindFilter
__winitenv
exit
_XcptFilter
_exit
_cexit
__wgetmainargs
_amsg_exit
_crt_debugger_hook
kernel32
ReadFile
CreateFileA
CloseHandle
GetVersion
GetPrivateProfileIntA
DeviceIoControl
WriteFile
GetCurrentProcess
GetModuleFileNameW
GetLastError
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
Sleep
GetPrivateProfileStringA
advapi32
CryptReleaseContext
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
CryptDestroyHash
msvcm80
?RegisterModuleUninitializer@<CrtImplementationDetails>@@YAXP$AAVEventHandler@System@@@Z
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@@Z
?ThrowNestedModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVException@System@@0@Z
?DoCallBackInDefaultDomain@<CrtImplementationDetails>@@YAXP6GJPAX@Z0@Z
?DoDllLanguageSupportValidation@<CrtImplementationDetails>@@YAXXZ
?ThrowModuleLoadException@<CrtImplementationDetails>@@YAXP$AAVString@System@@P$AAVException@3@@Z
mscoree
_CorExeMain
Sections
.text Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 928B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ