SecuriteInfo[.]com[.]Win32[.]PWSX-gen[.]6286[.]9067

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.PWSX-gen.6286.9067
Size

147KB
MD5

38c434e4f3d922c6614f000e052080e1
SHA1

ee913091ecbd8c9815e4c4d05cb62e187117fdd1
SHA256

8672533e265fca8c53d58cf7d64753a5dc1596a705ece819897df03e6cc16d57
SHA512

02b72a85ddc04fe54a7fdd0bac04e50b7c10b605bfcd5b93193ebc03b2bf119eccefe9762b66b018dc0e2aec587a6fc8b46475f2ec8a556e1343d317f61513e4
SSDEEP

3072:jyCId32Q5MsDxVxb95Xwy/S83pRSxMl1vUhAd:jyCId32QH595Xwy/N3zqy

Score

1^/10

Malware Config

Signatures

Files

SecuriteInfo.com.Win32.PWSX-gen.6286.9067
.exe windows x86

e93b0fa594d670a466cb6a5c504e254c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_SetBkColor
PropertySheetW

kernel32

lstrcmpW
lstrcpyW
lstrcatW
lstrlenW
FileTimeToSystemTime
GetDateFormatW
GetLocaleInfoW
GetConsoleWindow
IsValidLocaleName
LCMapStringEx
GetUserDefaultLocaleName
GetLocaleInfoEx
CompareStringEx
GetDateFormatEx
GetTimeFormatEx
HeapSize
GetStringTypeW
WriteConsoleW
LoadLibraryW
OutputDebugStringW
SetConsoleCtrlHandler
LoadLibraryExW
FreeLibrary
InterlockedExchange
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetConsoleCP
FlushFileBuffers
SetStdHandle
Sleep
FatalAppExitA
GetModuleHandleW
TerminateProcess
HeapAlloc
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
FreeEnvironmentStringsW
FormatMessageW
GetTickCount64
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetModuleFileNameA
SetLastError
GetLastError
CloseHandle
CreateFileW
CompareFileTime
GetModuleFileNameW
WriteFile
AreFileApisANSI
VirtualLock
GetProcAddress
EndUpdateResourceA
HeapReAlloc
GetModuleHandleExW
ExitProcess
GetCurrentThreadId
GetCurrentThread
InterlockedDecrement
InterlockedIncrement
GetStartupInfoW
InitOnceExecuteOnce
DeleteCriticalSection
GetFileType
GetStdHandle
EnumSystemLocalesEx
SetFilePointerEx
SetFilePointer
ReadConsoleW
GetConsoleMode
RtlUnwind
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
SetEndOfFile
MultiByteToWideChar
FindCloseChangeNotification
GetStringTypeExA
MulDiv
LocalFree
VirtualAlloc
DisableThreadLibraryCalls
GetProcessHeap
GetEnvironmentStringsW
HeapFree
ReadFile
GetExitCodeThread
GetCurrentProcess

resutils

ResUtilResourcesEqual
ClusWorkerCheckTerminate
ResUtilGetPrivateProperties
ResUtilGetBinaryProperty
ResUtilGetProperty
ResUtilGetPropertiesToParameterBlock

wsock32

ord1109
htons
WSACancelAsyncRequest
MigrateWinsockConfiguration
ord1141
ord1142
ord1105
ord1113
ord1107
ord1112
ord1100
ord1116
bind
WSAAsyncGetProtoByName

msacm32

acmStreamClose
acmFormatTagEnumA
acmFormatChooseA
acmMetrics
acmStreamConvert
acmStreamUnprepareHeader
acmDriverRemove

rtm

MgmDeRegisterMProtocol
RtmAddRoute
RtmEnumerateGetNextRoute
MgmReleaseInterfaceOwnership
RtmDeleteRouteTable
RtmIsRoute
MgmInitialize
RtmGetNetworkCount
RtmDeleteRoute
RtmDequeueRouteChangeMessage

avicap32

AppCleanup
videoThunk32

avifil32

AVIStreamGetFrameOpen
AVIStreamLength
EditStreamSetNameA
AVIFileInit

msvfw32

ICLocate
DrawDibClose
DrawDibRealize
ICRemove

winmm

waveOutUnprepareHeader
mmioRenameW
midiOutGetErrorTextA
waveInGetID
joyGetDevCapsW
midiOutGetErrorTextW
mixerSetControlDetails
sndPlaySoundA

user32

LoadStringW
PostMessageW
ShowWindow
DialogBoxParamW
EndDialog
GetDlgItem
IsDlgButtonChecked
SetFocus
EnableWindow
GetDC
ReleaseDC
GetWindowRect
MessageBoxW
GetWindowLongW
SetWindowLongW
GetParent
LoadBitmapW
SendMessageW

gdi32

DeleteObject
CreateFontW
GetDeviceCaps

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

RegDeleteValueA
CryptReleaseContext
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExW

Sections

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e93b0fa594d670a466cb6a5c504e254c

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

kernel32

resutils

wsock32

msacm32

rtm

avicap32

avifil32

msvfw32

winmm

user32

gdi32

comdlg32

advapi32

Sections

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 5KB - Virtual size: 12KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 5KB - Virtual size: 12KB