SecuriteInfo[.]com[.]Win32[.]TrojanX-gen[.]9435[.]13503[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Win32.TrojanX-gen.9435.13503.dll
Size

277KB
MD5

a40c4fa0a0b2a1dcdbb304b8c95be695
SHA1

1f88361aed446e71f9f7109aa969f1c0dedd0a6b
SHA256

b1f725a37e86104fedfb6ffce8489304ac7bfad96e800d798dcc799161d0a058
SHA512

c4ae2c3f234b31be678279ea857aa57e8c551ff8231cba948a7901c2a0c15ab1eb22071a82dee9b0aa3d1920175b749db83678ff4493ac9eccadc029a76f5958
SSDEEP

6144:jVHrXy5nd7p+xqmTuJtkMkVLRRB35XuCa/Pqf/:j9W5dN+xqmTuJtwfuCaHqf/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.TrojanX-gen.9435.13503.dll

Files

SecuriteInfo.com.Win32.TrojanX-gen.9435.13503.dll
.dll windows x86

e294fadf32b7ab9b8fe68793ffdc975b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrCmpNA

kernel32

RtlUnwind
WriteConsoleW
FreeEnvironmentStringsA
AddAtomA
FillConsoleOutputAttribute
FindCloseChangeNotification
GetPrivateProfileSectionA
VirtualAlloc
VirtualProtect
VirtualFree
GetModuleHandleW
GetProcAddress
EnumSystemCodePagesW
CloseHandle
CreateFileW
OutputDebugStringW
ReadConsoleW
ReadFile
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
SetConsoleCtrlHandler
GetFileType
GetStdHandle
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
InterlockedPushEntrySList
InterlockedFlushSList
DecodePointer
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
EncodePointer
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetCurrentThread
HeapAlloc
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP

urlmon

FindMediaTypeClass
URLDownloadToFileW
RegisterFormatEnumerator
CoInternetCreateSecurityManager
GetSoftwareUpdateInfo
URLDownloadToFileA

resutils

ResUtilVerifyService
ResUtilEnumResources
ResUtilGetProperties
ResUtilSetMultiSzValue
ResUtilGetBinaryValue

mscms

SetStandardColorSpaceProfileA
InstallColorProfileW
GetColorProfileFromHandle
OpenColorProfileW
DeleteColorTransform
OpenColorProfileA
SetColorProfileElement
CreateProfileFromLogColorSpaceA

mpr

WNetAddConnection3A
WNetConnectionDialog1W
WNetUseConnectionW
WNetConnectionDialog1A

shell32

SHEmptyRecycleBinA
SHBrowseForFolderW

loadperf

LoadPerfCounterTextStringsA
LoadPerfCounterTextStringsW
UnloadPerfCounterTextStringsW
UnloadPerfCounterTextStringsA

Exports

Exports

JKbtgdfd
_AllocateExecutableMemory@4
_AllocateMemory@4
_AllocateReadOnlyMemory@4
_ChangeMemoryProtection@16
_CompareMemory@12
_FindPattern@16
_FreeMemory@4
_GCopyMemory@12
_GFillMemory@12
_GMoveMemory@12
_GZeroMemory@8
_ReadMemory@12
_WriteMemory@12

Sections

.text
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e294fadf32b7ab9b8fe68793ffdc975b

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

urlmon

resutils

mscms

mpr

shell32

loadperf

Exports

Exports

Sections

.text Size: 227KB - Virtual size: 226KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 3KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 227KB - Virtual size: 226KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 3KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 8KB