SecuriteInfo[.]com[.]DeepScan[.]Generic[.]Trojan[.]Genesis[.]Marte[.]A[.]198AE9AC[.]5405[.]19147[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.DeepScan.Generic.Trojan.Genesis.Marte.A.198AE9AC.5405.19147.dll
Size

702KB
MD5

8e81361d4232909b7280877e0ca40eed
SHA1

fae684fc7b038ed8c0e78aadb42b5e87947f4dd0
SHA256

ba251cc0fd960b236d43ddedf956c770364914efcf8ebcaa421526d9b7c09f08
SHA512

bc9970a8a4641f64023c6a62cbdd5430d271cac4d015de9be518c1fd37fbcf0c7d8f0d4417a6dae92d24e73a4d9be8d0ec87cc2b7f6c3f4f1f6477f4a7f68554
SSDEEP

12288:cBtB3S+QBsZ7b73xLjmSKMQhjeNnvkH0wN7rp8wC3nMJWJ2IbZDA/N2dEcAK3sV9:cvB3S+QBaDUsSecVo9U4WVEM4H9hy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.DeepScan.Generic.Trojan.Genesis.Marte.A.198AE9AC.5405.19147.dll

Files

SecuriteInfo.com.DeepScan.Generic.Trojan.Genesis.Marte.A.198AE9AC.5405.19147.dll
.dll windows x86

2b464709f4b94c4bc043fd735f7d08f5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleScreenBufferSize
SetProcessAffinityMask
GetProcessDEPPolicy
EnumCalendarInfoW
EnumResourceTypesW
GetCPInfo
SetDynamicTimeZoneInformation
WriteFile
GetThreadIdealProcessorEx
DeleteTimerQueue
RemoveDllDirectory
ExpandEnvironmentStringsW
GetSystemDefaultUILanguage
GetAppContainerNamedObjectPath
SetConsoleMode
SetCurrentConsoleFontEx
GetTimeFormatEx
SetFileBandwidthReservation
VirtualAlloc
GetProfileIntW
GetProcessAffinityMask
WakeAllConditionVariable
HeapLock
SetThreadpoolWaitEx
DisassociateCurrentThreadFromCallback
SetFileTime
GetModuleFileNameW
OpenPrivateNamespaceW
CreateThreadpoolIo
ReOpenFile
DeleteFiber
CreateNamedPipeW
WaitForMultipleObjects
GetCommModemStatus
RequestWakeupLatency
GetConsoleHistoryInfo
GetThreadLocale
SetEnvironmentVariableW
AddScopedPolicyIDAce
SetThreadUILanguage
SetConsoleWindowInfo
GetUserDefaultLocaleName
LocalHandle
GetProcessId
SignalObjectAndWait
DeleteTimerQueueEx
GetUserDefaultUILanguage
GetNamedPipeClientComputerNameW
CompareStringOrdinal
GetThreadPreferredUILanguages
DeleteAtom
GetProcessVersion
GetConsoleAliasExesW
InitializeCriticalSection
SetFilePointer
GetProcessMitigationPolicy
EnumUILanguagesW
GetQueuedCompletionStatus
GetCompressedFileSizeW
GetConsoleTitleW
FlsGetValue
OpenFileById
WriteFileEx
FindFirstFileTransactedW
EnumResourceNamesW
UnlockFileEx
CreateBoundaryDescriptorW
PeekNamedPipe
EnumCalendarInfoExW
CreateMutexW
OpenFile
GetLargePageMinimum
CreateHardLinkW
ResetWriteWatch
GetVolumePathNameW
GetCommMask
LocalAlloc
CreateFileW
GetDateFormatEx
GetFileAttributesW
GetTapePosition
FreeLibraryAndExitThread
GetCurrentThreadId
UnregisterBadMemoryNotification
GetFileAttributesTransactedW
DebugActiveProcessStop
OpenEventW
EnumSystemCodePagesW
GetPrivateProfileSectionNamesW
ReleaseMutex
WriteTapemark
GetCommTimeouts
GetSystemDirectoryW
SetSearchPathMode
IsSystemResumeAutomatic
FreeEnvironmentStringsW
IsBadCodePtr
GetAtomNameW
HeapValidate
GetSystemDefaultLangID
GetACP
PrepareTape
RtlCaptureStackBackTrace
FreeResource
GlobalAddAtomW
FindFirstChangeNotificationW
SetProcessMitigationPolicy
GetNamedPipeInfo
SwitchToFiber
PostQueuedCompletionStatus
CancelWaitableTimer
GetVolumeNameForVolumeMountPointW
GetLogicalDriveStringsW
EndUpdateResourceW
RemoveSecureMemoryCacheCallback
MultiByteToWideChar
CloseThreadpoolCleanupGroupMembers
GetPrivateProfileStringW
ResolveLocaleName
SetVolumeLabelW
QueryThreadProfiling
WritePrivateProfileStructW
LocalFileTimeToFileTime
SetConsoleScreenBufferInfoEx
EnumSystemLanguageGroupsW
GetDevicePowerState
GetTickCount64
VerifyScripts
OpenWaitableTimerW
MoveFileWithProgressW
SetCalendarInfoW
Wow64RevertWow64FsRedirection
GetLastError
GetCurrencyFormatEx
WaitForThreadpoolWaitCallbacks
EnumSystemLocalesEx
CreateFileTransactedW
GetCalendarInfoW
EscapeCommFunction
GetFileAttributesA
GetLogicalProcessorInformationEx
SetCriticalSectionSpinCount
GetConsoleProcessList
OutputDebugStringW
WaitCommEvent
ReadConsoleInputW
FlushViewOfFile
GetThreadUILanguage
CreateFileA
GetUserDefaultLCID
FileTimeToSystemTime
GetNamedPipeHandleStateW
OfferVirtualMemory
GetCurrentThread
ReadConsoleOutputW
InterlockedFlushSList
TerminateThread
GetActiveProcessorGroupCount
LoadLibraryA
lstrcatW
WaitForSingleObjectEx
ReclaimVirtualMemory
QueryPerformanceFrequency
DeleteFileW
OpenSemaphoreW
lstrcpyA
GlobalFree
CloseHandle
SetProcessPreferredUILanguages
WriteConsoleOutputAttribute
CreateThreadpoolCleanupGroup
GetProcessIoCounters
GetNativeSystemInfo
AllocateUserPhysicalPagesNuma
CompareStringEx
FreeConsole
GetSystemInfo
CreateSymbolicLinkTransactedW
GetProcessHeaps
WriteProfileSectionW
BindIoCompletionCallback
SetThreadpoolWait
CreateThreadpoolTimer
LoadLibraryW
CancelIoEx
HeapSetInformation
GetThreadIOPendingFlag
FindNLSString
SetComputerNameW
GetActiveProcessorCount
FindResourceW
HeapAlloc
WriteConsoleInputW
Wow64SuspendThread
ClearCommError
FileTimeToLocalFileTime
GetLocalTime
GetDefaultCommConfigW
GetUserGeoID
GetQueuedCompletionStatusEx
GetCurrentDirectoryW
GetProcessPreferredUILanguages
SetStdHandle
UpdateResourceW
GetCurrentConsoleFontEx
FindNextChangeNotification
VirtualProtectEx
SetVolumeMountPointW
FindNextFileNameW
HeapDestroy
GetNamedPipeClientSessionId
QueryIdleProcessorCycleTimeEx
IsThreadAFiber
LocalSize
GetCurrentProcessorNumber
GetThreadContext
SubmitThreadpoolWork
DeleteFileTransactedW
SetLocaleInfoW
SetThreadGroupAffinity
InitAtomTable
WriteConsoleW
GetErrorMode
SetProcessDEPPolicy
Beep
GetProcAddress
VirtualAllocEx
CreateMutexExW
LocalFree
GetTimeFormatW
MoveFileExW
GetThreadId
GetOverlappedResultEx
SetFileApisToOEM
ReplaceFileW
LockFileEx
GetFileSize
SetDefaultCommConfigW
CreateMemoryResourceNotification
ExitProcess
SetProtectedPolicy
DisableThreadProfiling
SetConsoleCP
FindFirstStreamW
GetProcessHeap
GetNumberOfConsoleInputEvents
SetThreadExecutionState
FreeLibrary
SetFirmwareEnvironmentVariableExW
TransactNamedPipe
CopyFileW
FlushInstructionCache
GetProfileStringW
SetThreadpoolStackInformation
GetNumaProximityNode
WideCharToMultiByte
SetCommBreak
GetVolumePathNamesForVolumeNameW
lstrcpyW
GetLongPathNameTransactedW
WinExec
RemoveVectoredContinueHandler
LocaleNameToLCID
WritePrivateProfileSectionW
GetThreadTimes
FreeUserPhysicalPages
QueryFullProcessImageNameW
ReadConsoleOutputCharacterW
LocalReAlloc
GetTempFileNameW
CreateProcessA
GetSystemTimeAsFileTime
AddAtomW
EnumSystemGeoID
TerminateJobObject
EnumSystemFirmwareTables
SetFileApisToANSI
Wow64GetThreadSelectorEntry
GetThreadGroupAffinity
VirtualFreeEx
CopyFileExW
CreateWaitableTimerExW
SetProcessWorkingSetSize
BackupRead
InterlockedPushEntrySList
MapViewOfFile
GetProcessPriorityBoost
GetNumaNodeProcessorMaskEx
FindNextVolumeW
IsValidLocaleName
lstrcmpiW
BackupSeek
QueryPerformanceCounter
GetNLSVersion
GetSystemRegistryQuota
CreateMailslotW
GetStringTypeW
GetSystemPreferredUILanguages
FreeLibraryWhenCallbackReturns
SetCommTimeouts
WaitNamedPipeW
GetTimeZoneInformationForYear
FlsFree
SetDllDirectoryW
SetCommConfig
GetCalendarInfoEx
GetStringTypeA
GetProcessHandleCount
MulDiv
InitializeSynchronizationBarrier
LocalUnlock
GetFirmwareEnvironmentVariableW
MoveFileW
VirtualQuery
GetVolumeInformationByHandleW
GetProcessTimes
GetFileTime
GlobalReAlloc
AddIntegrityLabelToBoundaryDescriptor
LoadLibraryExW
GenerateConsoleCtrlEvent
GetConsoleSelectionInfo
IsDebuggerPresent
VirtualQueryEx
DebugSetProcessKillOnExit
SetUnhandledExceptionFilter
IsBadStringPtrW
FileTimeToDosDateTime
CreateThreadpoolWork
HeapSize
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindClose
HeapReAlloc
ReadConsoleW
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetFileType
GetStdHandle
SetFilePointerEx
GetFileSizeEx
GetModuleHandleExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RaiseException
TerminateProcess
GetCurrentProcess
InitializeSListHead
GetCurrentProcessId
GetModuleHandleW
GetStartupInfoW
UnhandledExceptionFilter
IsProcessorFeaturePresent
LCMapStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
QueryProtectedPolicy
IsThreadpoolTimerSet
GetLongPathNameW
SetConsoleActiveScreenBuffer
GetSystemTimeAdjustment
VirtualFree
EnterCriticalSection
FindFirstFileNameW
SetConsoleTextAttribute
SetDefaultDllDirectories
SetLastError
HeapFree
CreateSemaphoreExW
GetConsoleScreenBufferInfo
CopyFileTransactedW
VirtualProtect
GetSystemDefaultLCID
FindFirstVolumeW
MapUserPhysicalPagesScatter
LoadModule
RtlUnwind
NeedCurrentDirectoryForExePathW
FindFirstFileExW
WritePrivateProfileStringW
HeapCreate
WriteProcessMemory
GetProcessShutdownParameters
GetNumaAvailableMemoryNodeEx
InitOnceExecuteOnce
GlobalHandle
CompareFileTime
EnumTimeFormatsEx
CloseThreadpool
GetNamedPipeServerSessionId
LocalLock
CancelIo
GetThreadPriorityBoost
SetInformationJobObject
RemoveVectoredExceptionHandler
AddVectoredContinueHandler
GetConsoleAliasExesLengthW
SetConsoleCtrlHandler
QueryDosDeviceW
PowerSetRequest
SizeofResource
QueryUnbiasedInterruptTime
IsValidNLSVersion
ReadFile
EnterSynchronizationBarrier
GetPrivateProfileStructW
GetSystemFirmwareTable
SetProcessPriorityBoost
ResetEvent
GetNumaHighestNodeNumber
SetEndOfFile

user32

VkKeyScanExW
MapVirtualKeyW
SendMessageTimeoutW
GrayStringW
SetClipboardViewer
MessageBoxW
GetClipboardOwner
SetWindowRgn
GetGuiResources
ScreenToClient
GetScrollInfo
GetClassInfoW
InvalidateRgn
GetCapture
SetTimer
DdeConnect
GetMonitorInfoW
RegisterClassW
BroadcastSystemMessageExW
SetCoalescableTimer
SetMenuInfo
DrawStateW
IsProcessDPIAware
IsWinEventHookInstalled
MessageBoxA
GetSysColor
DdeQueryConvInfo
SetProcessWindowStation
UnhookWindowsHookEx
CreateAcceleratorTableW
IsRectEmpty
SetLayeredWindowAttributes
IntersectRect
CharNextW
ScrollWindowEx
IsWow64Message
DestroyCaret
IsCharAlphaW
GetTabbedTextExtentW
GetKeyNameTextW
DdeDisconnect
DdeFreeStringHandle
DdeQueryNextServer
GetAncestor
IsCharUpperW
GetCursorPos
GetWindowTextW
SendDlgItemMessageW

gdi32

FillPath
CreateBitmapIndirect
FrameRgn
GetColorAdjustment
GetBitmapDimensionEx
GetPaletteEntries
PlgBlt
EnumFontsW
PaintRgn
GetCharWidth32W
SetEnhMetaFileBits
SetLayout
GetStockObject
GetFontLanguageInfo
PolyBezierTo
PathToRegion
ExtFloodFill
GetDeviceCaps
PolyTextOutW
OffsetRgn
CreateRectRgn
GetBoundsRect
DeleteDC
AddFontResourceExW
SelectPalette
DrawEscape
SetViewportOrgEx
SelectClipRgn
CreatePalette
CombineTransform
ResizePalette
CreatePenIndirect
GetGlyphOutlineW
InvertRgn
ArcTo
SwapBuffers
GetBrushOrgEx
CreateBitmap
CreateFontIndirectW
GetRandomRgn
GetMapMode
GetMetaFileBitsEx
PtVisible
SetTextCharacterExtra
StartDocW
GetCharWidthW
UnrealizeObject
SetWorldTransform
SetBkMode
SetBrushOrgEx
GdiSetBatchLimit

crypt32

CryptStringToBinaryA

Exports

Exports

Ffoaefiokaejifd
UpdateDriverForPlugAndPlayDevicesW
Weoosafiawiogdui
libvlc_add_intf
libvlc_new
libvlc_playlist_play
libvlc_release
libvlc_set_app_id
libvlc_set_user_agent
libvlc_wait

Sections

.text
Size: 386KB - Virtual size: 385KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 230KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.odata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b464709f4b94c4bc043fd735f7d08f5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

crypt32

Exports

Exports

Sections

.text Size: 386KB - Virtual size: 385KB

.data Size: 230KB - Virtual size: 234KB

.odata Size: 72KB - Virtual size: 71KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 386KB - Virtual size: 385KB

.data
Size: 230KB - Virtual size: 234KB

.odata
Size: 72KB - Virtual size: 71KB

.reloc
Size: 12KB - Virtual size: 10KB