SecuriteInfo[.]com[.]Trojan[.]Loader[.]1584[.]6714[.]17110[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Loader.1584.6714.17110.dll
Size

277KB
MD5

6335f447e0555fca1d51629ae9a39f35
SHA1

a3c6efb1e8d5691f92036ef558a45e0f16ca9f9c
SHA256

94dcfc7778c2e65c6d565a5ea966a5774667e25c325a932a43cb3da0d97bd98a
SHA512

c987a6431663e9a82f27afda024731b667bc794cca7a6623efe4c4e55c74cc900d22795f8e78af83d12fc9d632e8ac129e41d406b54bba9b84276a11b2223cc4
SSDEEP

6144:7yL7uptL3AQZIODJuJXliwZ81A+ByuiKayolv:7yPutD1ZIODJuJXjuiKaBlv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Loader.1584.6714.17110.dll

Files

SecuriteInfo.com.Trojan.Loader.1584.6714.17110.dll
.dll windows x86

5a7f7f5d7b3a25dbe6d2f859184a96f3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
VirtualFree
GetModuleHandleW
GetProcAddress
EnumSystemCodePagesW
WriteConsoleW
CloseHandle
CreateFileW
OutputDebugStringW
ReadConsoleW
ReadFile
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
SetConsoleCtrlHandler
GetFileType
GetStdHandle
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
HeapAlloc
GetCurrentThread
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
RaiseException
EncodePointer
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
DecodePointer
QueryPerformanceCounter

msacm32

acmFormatEnumW
acmFilterTagEnumA
acmFilterChooseA
acmStreamOpen
acmFormatDetailsW
acmMetrics
acmFormatEnumA
acmDriverDetailsA
acmFilterDetailsW
acmFormatTagDetailsA

msi

ord163
ord44
ord63
ord152
ord104

oleaut32

SysFreeString
VarUI2FromBool
VarFix
VarUI4FromI4
SysAllocStringByteLen
VarR4FromI2

ole32

HMETAFILEPICT_UserMarshal
GetHookInterface
OleDuplicateData
HMETAFILE_UserFree
OleCreate
OleSetAutoConvert
CreateItemMoniker
MonikerRelativePathTo
StgOpenStorage
OleCreateDefaultHandler

mapi32

ord35
ord198
ord43
ord77
ord29
ord190
ord193

mswsock

s_perror
rexec
getnetbyname
NPLoadNameSpaces
TransmitFile
WSARecvEx

urlmon

IsLoggingEnabledA
MkParseDisplayNameEx
CreateAsyncBindCtx
CoInternetCreateZoneManager
URLOpenBlockingStreamA
HlinkGoForward
CoInternetQueryInfo
FindMimeFromData

winspool.drv

EnumJobsA
ord208
ResetPrinterW
DeletePrintProcessorW
GetPrinterDriverW
StartDocPrinterW
EnumMonitorsA
FreePrinterNotifyInfo

wsnmp32

ord220
ord503
ord606
ord906
ord203
ord201
ord101
ord603
ord500
ord200

Exports

Exports

JKbtgdfd
_AllocateExecutableMemory@4
_AllocateMemory@4
_AllocateReadOnlyMemory@4
_ChangeMemoryProtection@16
_CompareMemory@12
_FindPattern@16
_FreeMemory@4
_GCopyMemory@12
_GFillMemory@12
_GMoveMemory@12
_GZeroMemory@8
_ReadMemory@12
_WriteMemory@12

Sections

.text
Size: 227KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a7f7f5d7b3a25dbe6d2f859184a96f3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msacm32

msi

oleaut32

ole32

mapi32

mswsock

urlmon

winspool.drv

wsnmp32

Exports

Exports

Sections

.text Size: 227KB - Virtual size: 227KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 3KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 227KB - Virtual size: 227KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 3KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 8KB