SecuriteInfo[.]com[.]Win32[.]PWSX-gen[.]9628[.]8400[.]exe | Triage

Sharing

General

Target

SecuriteInfo.com.Win32.PWSX-gen.9628.8400.exe
Size

7.7MB
MD5

17043ad253ce5ac175e7f182d90fb17b
SHA1

87c47085ee4d8e949f5ef0a49fd5ead7fcb52c36
SHA256

a57f2d5d623439d54d5a8089426c6912e2e35b1087ce4b5615f2eae80730a814
SHA512

f57cde32ced224ef1b1d28c3ed9f2bd6d4f43d29104c934ac8e71d087b5fd852aa07f24a445a8f06afdf4a61517e417a9294bfcd2611fdc19b102c66bd56c9ea
SSDEEP

98304:imT3M7xrLMzrNDHf9OjEXIPJO8pC8sklHcNW2LVu5ROqRr+JLDsCTxkTcVoqBmgx:JJMvKu50Um

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.PWSX-gen.9628.8400.exe

Files

SecuriteInfo.com.Win32.PWSX-gen.9628.8400.exe
.exe windows:6 windows x86 arch:x86

b76e0abc5c135fccfefff5d32b453ca5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
SetCriticalSectionSpinCount
Sleep
ExitProcess
GetSystemInfo
GetTickCount
GetModuleHandleW
GetProcAddress
LoadLibraryW
GlobalAlloc
GlobalFree
MultiByteToWideChar
ConvertDefaultLocale

user32

IsWindowVisible
GetWindowContextHelpId
MessageBoxA
GetWindowLongW
IsDialogMessageW
RegisterClassW

Sections

.text
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 799KB - Virtual size: 799KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ