SecuriteInfo[.]com[.]Win32[.]Evo-gen[.]7824[.]32731[.]exe | Triage

Sharing

General

Target

SecuriteInfo.com.Win32.Evo-gen.7824.32731.exe
Size

4.0MB
MD5

b1e139d753704b3e7e4bdea315ce310f
SHA1

7fa05d77ae40ab9bb464bc6da4a5d1ba6438197f
SHA256

0b6967f41a54cb499a30e44e1161f549684097d543a10907ad250e76b4dfa66d
SHA512

5ee8b40f53b8b05549b9ef87bb9bc9a2bc55cb9391e10b9f5bcfcc1d0a53b934679be63295ff7b8b28e42f8350b8224c124798caa8dac287f3f4715fab382423
SSDEEP

98304:4KlxGYCN6mG5FKk+znNWuwgmHwaUQ11c7vv2RgPOYi:HCYY6H3Kk+zNW4zHwc7eyi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.Evo-gen.7824.32731.exe

Files

SecuriteInfo.com.Win32.Evo-gen.7824.32731.exe
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpy

Sections

Size: 2.2MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hkzlbrsr
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sefyvpsj
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE