SecuriteInfo[.]com[.]Win32[.]RATX-gen[.]12603[.]26916

General

Target

SecuriteInfo.com.Win32.RATX-gen.12603.26916
Size

5KB
MD5

746106eaa684bec69cd7e6a7e706ec85
SHA1

749adbfaf4830cf658e5e7e0aeeddef2723b0c36
SHA256

f4ad1130a000eef80b3786a74fa4245304dc0e32be32029a58d1f96f4d51a358
SHA512

4b2bc376e9091c035e0de1e424b84bfc1ff387e30d353c3c95683e34ea04ade480df0a5453104e3b58a2e072e61c720c3f304a5136d6b200018d4040217ffd7f
SSDEEP

48:ibHDpPUrytMKTQuXKVTXKgOUXRaR59nIP8g9wb22aEBmn5y:0yrpOoT1BR89nSd226Bo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.RATX-gen.12603.26916

Files

SecuriteInfo.com.Win32.RATX-gen.12603.26916
.dll windows x86

344afbbe7c4c790e27fd2250fb876b91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
VirtualAlloc
GetProcAddress
EnumResourceTypesA

gdi32

EnumFontFamiliesA
BeginPath
GetRasterizerCaps
Chord
GetMetaFileA
GetFontResourceInfoW
MaskBlt
AbortPath
EnumFontFamiliesExW

msacm32

acmDriverAddA
acmDriverOpen
acmDriverEnum
acmFilterTagDetailsA
acmFormatTagEnumA
acmDriverMessage
acmStreamUnprepareHeader
acmFilterChooseA
acmFormatSuggest
acmFormatChooseW

comdlg32

GetSaveFileNameW
FindTextW
CommDlgExtendedError
ChooseFontW

pdh

PdhLookupPerfIndexByNameA
PdhMakeCounterPathW
PdhUpdateLogA
PdhGetDefaultPerfObjectW
PdhLookupPerfNameByIndexW
PdhUpdateLogW
PdhConnectMachineW
PdhSelectDataSourceA

oleaut32

VarFix
VarDecMul
VarI1FromDisp
VarUI2FromBool
VarDecFromI4
SafeArrayGetUBound
VarUI1FromR8
VarUI1FromI1
LPSAFEARRAY_Marshal
DispGetIDsOfNames

winspool.drv

DeviceCapabilitiesA
DeleteFormA
ord202
GetPrinterDataA
PrinterProperties
AddPrinterDriverA
GetFormA
DeletePrintProvidorW
SetFormA

Exports

Exports

eIxo

Sections

.text
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 278B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

344afbbe7c4c790e27fd2250fb876b91

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

msacm32

comdlg32

pdh

oleaut32

winspool.drv

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 646B

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 128B

.reloc Size: 512B - Virtual size: 278B

.text
Size: 1024B - Virtual size: 646B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 128B

.reloc
Size: 512B - Virtual size: 278B