SecuriteInfo[.]com[.]Win32[.]TrojanX-gen[.]11021[.]29362[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Win32.TrojanX-gen.11021.29362.dll
Size

277KB
MD5

fe8d97766d43cb2325e30421ccd9583e
SHA1

53ff473d6b9dbc624e8fdb4575e680658cff41cc
SHA256

61e8097de8efef06b7510abffb5e8be94f70c8c8e00c5ac8c3dc00e8be45f740
SHA512

294cccc6ec23970607ad60112c27abe3cb58d855efada0f6e015380536106e0fa210bd0117afa73beeb14a763e4bdf986734c7170d0473e36699226d07578694
SSDEEP

6144:EVYSZj97f6GjeZpoZ01LFRAE1HuyaRPqf/:uZhz6GjeZpl7uyaRqf/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.TrojanX-gen.11021.29362.dll

Files

SecuriteInfo.com.Win32.TrojanX-gen.11021.29362.dll
.dll windows x86

e294fadf32b7ab9b8fe68793ffdc975b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNA

kernel32

RtlUnwind
WriteConsoleW
FreeEnvironmentStringsA
AddAtomA
FillConsoleOutputAttribute
FindCloseChangeNotification
GetPrivateProfileSectionA
VirtualAlloc
VirtualProtect
VirtualFree
GetModuleHandleW
GetProcAddress
EnumSystemCodePagesW
CloseHandle
CreateFileW
OutputDebugStringW
ReadConsoleW
ReadFile
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
SetConsoleCtrlHandler
GetFileType
GetStdHandle
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
InterlockedPushEntrySList
InterlockedFlushSList
DecodePointer
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetCurrentThread
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP

urlmon

FindMediaTypeClass
URLDownloadToFileW
RegisterFormatEnumerator
CoInternetCreateSecurityManager
GetSoftwareUpdateInfo
URLDownloadToFileA

resutils

ResUtilVerifyService
ResUtilEnumResources
ResUtilGetProperties
ResUtilSetMultiSzValue
ResUtilGetBinaryValue

mscms

SetStandardColorSpaceProfileA
InstallColorProfileW
GetColorProfileFromHandle
OpenColorProfileW
DeleteColorTransform
OpenColorProfileA
SetColorProfileElement
CreateProfileFromLogColorSpaceA

mpr

WNetAddConnection3A
WNetConnectionDialog1W
WNetUseConnectionW
WNetConnectionDialog1A

shell32

SHEmptyRecycleBinA
SHBrowseForFolderW

loadperf

LoadPerfCounterTextStringsA
LoadPerfCounterTextStringsW
UnloadPerfCounterTextStringsW
UnloadPerfCounterTextStringsA

Exports

Exports

JKbtgdfd
_AllocateExecutableMemory@4
_AllocateMemory@4
_AllocateReadOnlyMemory@4
_ChangeMemoryProtection@16
_CompareMemory@12
_FindPattern@16
_FreeMemory@4
_GCopyMemory@12
_GFillMemory@12
_GMoveMemory@12
_GZeroMemory@8
_ReadMemory@12
_WriteMemory@12

Sections

.text
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e294fadf32b7ab9b8fe68793ffdc975b

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

urlmon

resutils

mscms

mpr

shell32

loadperf

Exports

Exports

Sections

.text Size: 227KB - Virtual size: 226KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 3KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 227KB - Virtual size: 226KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 3KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 8KB