SecuriteInfo[.]com[.]Win32[.]PWSX-gen[.]31947[.]12518

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Win32.PWSX-gen.31947.12518
Size

77KB
MD5

bee196a3b95f6e1a6eb37c56b41bc271
SHA1

fff29a2baa7eb4a8b784140071275863b6ae3c61
SHA256

018f22c7760b32d5d936d02cb62df9bb29242ed2c1820385844cb751f4425d61
SHA512

de2c39610ff1d3bc25449bc56647af59d782296eb9374aa2a2fd3a43beb118a8350d34aa1d5256f39671c7bb74eceae4788739835278337a153232a5540bc6af
SSDEEP

1536:lHvsoKpy9d0dJSgwXdt7iWkrS9GA6Fp/lNuOsW4cdbW/YER:ODxdQ5dfkrVdMKb6R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.PWSX-gen.31947.12518

Files

SecuriteInfo.com.Win32.PWSX-gen.31947.12518
.dll windows x86

586d0fe3e109a6211399a8a8b04c8000

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
WriteConsoleW
CreateFileW
SetFilePointerEx
lstrcatA
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
MapViewOfFile
VirtualAlloc
ExitProcess
CloseHandle
WriteFile
ReadFile
GetFileSize
GetFileAttributesA
CreateFileA
GetConsoleMode
GetEnvironmentVariableA
GetStdHandle
GetProcessHeap
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapAlloc
HeapFree
GetModuleFileNameW
GetModuleHandleExW
RaiseException
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
DecodePointer

user32

CloseClipboard
GetDlgItemInt
HideCaret
GetClipboardSequenceNumber
SetClassLongW
OpenClipboard

odbc32

ord54
ord253
ord208
ord13
ord160
ord167

comdlg32

PrintDlgExA
GetSaveFileNameW
ReplaceTextA
ReplaceTextW
FindTextW
GetSaveFileNameA
GetOpenFileNameW

crypt32

CryptRegisterOIDFunction
CryptInstallOIDFunctionAddress

msacm32

acmDriverID
acmStreamSize
acmFormatChooseA
acmFormatDetailsA
acmDriverDetailsW
acmFormatChooseW

winmm

waveOutPause
mmioRead
midiOutGetID
midiInGetNumDevs
midiOutGetErrorTextA
mmTaskSignal
midiOutSetVolume

setupapi

SetupDiGetSelectedDriverA
SetupDiRegisterDeviceInfo
SetupQueueDefaultCopyA
SetupDiDestroyClassImageList

mpr

WNetAddConnectionA
MultinetGetConnectionPerformanceA
WNetGetUserA
WNetAddConnectionW
WNetCancelConnectionA

loadperf

LoadPerfCounterTextStringsW
UnloadPerfCounterTextStringsA
UnloadPerfCounterTextStringsW

Exports

Exports

HvDeclY
_FileExists@4
_ReadFileContents@12
_WriteToFile@12

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

586d0fe3e109a6211399a8a8b04c8000

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

odbc32

comdlg32

crypt32

msacm32

winmm

setupapi

mpr

loadperf

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 25KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 25KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 4KB