SecuriteInfo[.]com[.]W32[.]Threat-HLLSI-based[.]32649[.]13006[.]exe

General

Target

SecuriteInfo.com.W32.Threat-HLLSI-based.32649.13006.exe
Size

5KB
MD5

6adb8ce999d011e6122f1cbe3c9233c8
SHA1

5eb02de8c213965ea94e2062cb2fcc4f4a3a3c94
SHA256

5c60f5f76ad3548d84fcd758a5ec107ef350e20c00c1c601bedc8d7e3949b18b
SHA512

3241730e54d0a74c60c3e1e49cf2c91a1a78d0e62c0b33ce598d105b4949d4872b2ea5ea3f86c5de517ee635716e4c53f8cee5d3d0267aa5dbff398228ebab63
SSDEEP

48:S3AjfWmYxUco37Jbh9zyMuLCUqBUcJnZHSJ98wuq97aT1mftIJRT31vRuqS:vjf7YxUfoMmNqBUMnBSLROBmftIJlDx

Score

N/A

Malware Config

Signatures

Files

SecuriteInfo.com.W32.Threat-HLLSI-based.32649.13006.exe
.exe windows x86

cdd5cf3ed74d9fddff018409190078e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
ReadFile
GetTempPathA
VirtualAlloc
lstrcatA
EnumSystemCodePagesW
CreateFileA

resutils

ResUtilIsPathValid
ClusWorkerTerminate
ResUtilGetPropertySize
ResUtilResourceTypesEqual

shell32

Shell_NotifyIconA
ShellHookProc

ws2_32

WSAAsyncGetServByName
WSAGetOverlappedResult
WSALookupServiceEnd
WSASendDisconnect
send
WSALookupServiceBeginA
getprotobyname
WSAUnhookBlockingHook
WSARecvFrom

mapi32

ord181
ord41
ord65
ord24
ord144
ord164
ord59
ord160
ord135

winspool.drv

DeletePrinterDriverW
EnumPrinterKeyA
EnumPortsA
DeleteMonitorA

msi

ord144
ord46
ord79
ord109
ord86

mswsock

rresvport
getnetbyname
rexec
rcmd
inet_network
s_perror

rtm

RtmGetNetworkCount
MgmDeRegisterMProtocol
RtmDeregisterClient
RtmRegisterClient
MgmReleaseInterfaceOwnership

ole32

DllGetClassObjectWOW
CreateStdProgressIndicator
OleCreateEx
OleMetafilePictFromIconAndLabel
OleIsCurrentClipboard
HBRUSH_UserUnmarshal
OleUninitialize
OleCreateLinkToFile
OleNoteObjectVisible

Sections

.text
Size: 1024B - Virtual size: 515B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cdd5cf3ed74d9fddff018409190078e7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

resutils

shell32

ws2_32

mapi32

winspool.drv

msi

mswsock

rtm

ole32

Sections

.text Size: 1024B - Virtual size: 515B

.rdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 1024B - Virtual size: 515B

.rdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 480B