SecuriteInfo[.]com[.]Win32[.]InjectorX-gen[.]6276[.]30276

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.InjectorX-gen.6276.30276
Size

104KB
MD5

f1951897153595d6bf6a50b053515237
SHA1

e9c38c8178fd846d627e5844ef6fff4805f99919
SHA256

00c9545290056629ca7684a471ffdde3df70c25f7cbec9e1ac047e58577f83e9
SHA512

0e4f659439d288f3d3f2944b1dd3e586393d202c63c7386b032b82687de14f8b7495fd77c8a4aec63099df0c32092f0a242bb257145b20318f5644d037600743
SSDEEP

1536:YWHCQJBdtmToYN0s3Asw6ttlg76w2RAk28Jid7UUfq0Q11jfmVYGiAMc5:/Zs3Akt6aJiKUfa2YiMc5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.InjectorX-gen.6276.30276

Files

SecuriteInfo.com.Win32.InjectorX-gen.6276.30276
.dll windows x86

7172f97c2413b1e82fd101bf278d9e25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHEnumValueW
PathIsURLA
SHRegDeleteUSValueW
StrRChrA
StrCmpNIA

kernel32

GetCurrentProcessId
GetProcAddress
LoadLibraryA
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
CreateFileA
CompareStringA
CompareStringW
FreeEnvironmentStringsW
GetModuleHandleW
GetCommandLineA
CloseHandle
HeapSize
SetFilePointer
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
GetModuleFileNameA
WriteFile
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
Sleep
GetLastError
HeapFree
SetEnvironmentVariableA
ExitProcess
FatalAppExitA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
WideCharToMultiByte
RtlUnwind
InitializeCriticalSectionAndSpinCount
HeapAlloc
HeapReAlloc
HeapCreate
HeapDestroy
VirtualFree

winspool.drv

DeleteMonitorA
DeviceCapabilitiesA
EXTDEVICEMODE
ord203

mscms

UnregisterCMMA
EnumColorProfilesW
GetCMMInfo
SetColorProfileElement
SetStandardColorSpaceProfileW
CreateMultiProfileTransform

crypt32

CertAddCRLContextToStore
CryptSetOIDFunctionValue
CertAddEncodedCertificateToSystemStoreW
CertSerializeCTLStoreElement

ws2_32

ntohs
WSASetServiceA
WSCInstallProvider
WSADuplicateSocketW
htonl
WSALookupServiceNextW
__WSAFDIsSet

loadperf

LoadPerfCounterTextStringsA
UnloadPerfCounterTextStringsA
LoadPerfCounterTextStringsW

ole32

HBITMAP_UserSize
OleLoad
WriteClassStm
OleDestroyMenuDescriptor
OleRegEnumFormatEtc
HMETAFILE_UserMarshal
OleRegGetMiscStatus

shell32

SHGetFileInfoA
ShellExecuteA
SHQueryRecycleBinW

Exports

Exports

HvDeclY
_Gckeis@0

Sections

.text
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7172f97c2413b1e82fd101bf278d9e25

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

winspool.drv

mscms

crypt32

ws2_32

loadperf

ole32

shell32

Exports

Exports

Sections

.text Size: 87KB - Virtual size: 86KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 10KB

.text
Size: 87KB - Virtual size: 86KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 10KB