SecuriteInfo[.]com[.]Trojan[.]Win32[.]Hider[.]26435[.]18457[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Win32.Hider.26435.18457.dll
Size

746KB
MD5

d4534ef21b2f4b8ec360905c0ce2614f
SHA1

811786051909c1268e8acade9146e6f199ba2211
SHA256

b9ff2b1a0f93eae86c8323cd59bdad6b4e94c1bc4a4289632a084a98bc55e2a9
SHA512

0e948b5ff46b73b3a39e664c228bba7c190686c22e3f67d7a33daf7fa4b771a419ffdbac3378549b9ccd8bdf49240b6be7e7546143aad49170cba0cf747b99cb
SSDEEP

3072:r7KeDoesgOZqPHYD6SvxHBobVBAK9c1TOtXPmbJOpYxKJ6uLD7E8ZubYLhxv44Cw:roe2qP4uS5HBobVWK4T/uGMxaED6W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Win32.Hider.26435.18457.dll

Files

SecuriteInfo.com.Trojan.Win32.Hider.26435.18457.dll
.dll windows x86

63bc622ddbb364868c646ebb5f982ffe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LocalAlloc
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

Compress
CreateCompression
CreateDecompression
DeInitCompression
DeInitDecompression
Decompress
DestroyCompression
DestroyDecompression
InitCompression
InitDecompression
ResetCompression
ResetDecompression

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ