SecuriteInfo[.]com[.]Win32[.]PWSX-gen[.]32171[.]18245

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.PWSX-gen.32171.18245
Size

84KB
MD5

71f46375b7692c07dc1ade0f68d8cbbc
SHA1

141a7e3943972cebb65fcf5c6fd1a80987ee4dcf
SHA256

9ca93dc242f83304539dbfd4874d20a5d3c3d478cff3707b8693af3ad10c137c
SHA512

91afba614de6feae54adeeeeece7726088fae278066eb28465bfa9624fadc9e385eccacb62e6a2df803c19a889c7dbe5baf9b24b9c47cd6b3fbf7c067693e605
SSDEEP

1536:U12llY1OB21PNYRkHpZTbxrXglLqqjRvQ3J3U5WfVGqzMmzJhuK6b20sWpI/9cdD:U80QkHDTbNqGZEBqzMi6yoDoLNuLC0j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.PWSX-gen.32171.18245

Files

SecuriteInfo.com.Win32.PWSX-gen.32171.18245
.exe windows x86

04d0ccf82cdfe258f1f6055098518373

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
GetProcessHeap
GetStringTypeW
GetFileType
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetOEMCP
CreateFileW
CloseHandle
WriteConsoleW
EnumResourceTypesA
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
DecodePointer
EncodePointer
LCMapStringW
HeapAlloc
HeapFree
CreateFileMappingA
lstrlenW
MapViewOfFile
VirtualAlloc
ExitProcess
GetCPInfo
CreateFileA
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
GetModuleHandleExW
RaiseException

mswsock

WSARecvEx
EnumProtocolsW
rresvport
GetAddressByNameW
dn_expand
GetNameByTypeA
SetServiceA
MigrateWinsockConfiguration

mscms

GetStandardColorSpaceProfileW
IsColorProfileValid
GetColorDirectoryA
SetColorProfileHeader

ole32

SNB_UserMarshal
HBITMAP_UserUnmarshal
StgOpenStorage
HMETAFILEPICT_UserFree

winspool.drv

DeletePrintProcessorA
DeletePrinterIC
AddPrintProvidorW
GetPrinterDriverDirectoryA
EnumPrinterKeyW
EnumPrinterDataExA

comdlg32

PrintDlgExA
ReplaceTextW
ChooseFontA
ChooseColorW

msacm32

acmFilterTagEnumW
acmStreamOpen
acmFormatEnumW

user32

TranslateMessage
DispatchMessageW
DefWindowProcW
PostQuitMessage
RegisterClassExW
CreateWindowExW
ShowWindow
SetWindowPos
UpdateWindow
BeginPaint
EndPaint
GetClientRect
MessageBoxW
LoadCursorW
GetMessageW

gdi32

GetTextExtentPoint32W
SelectObject
SetTextColor
CreateFontW
DeleteObject
TextOutW

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d0ccf82cdfe258f1f6055098518373

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mswsock

mscms

ole32

winspool.drv

comdlg32

msacm32

user32

gdi32

Sections

.text Size: 54KB - Virtual size: 54KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 3KB - Virtual size: 5KB

.gfids Size: 512B - Virtual size: 224B

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 54KB - Virtual size: 54KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 3KB - Virtual size: 5KB

.gfids
Size: 512B - Virtual size: 224B

.rsrc
Size: 512B - Virtual size: 480B