SecuriteInfo[.]com[.]Win32[.]TrojanX-gen[.]15998[.]5489[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.TrojanX-gen.15998.5489.dll
Size

88KB
MD5

6733955f3ba57acfcf6cfffd01fc6fb4
SHA1

ea7e83d2ea4ea2b966dc7962329ced275555eb69
SHA256

6d340bfaee5a1ed696eb7a16d95c8b56d40292619b0e67bdc4d6dc666797f9e1
SHA512

5235e0f83379d186394f6001c287e4398c4074021c9db2ba58f1fbc3a16a088de4efefa18e5791e0a8a2c6caa3965ed62d4af902c95892a51d4ababe8086b6c7
SSDEEP

1536:sOG3J7Me+XlupP2ppGj8JiGVfWNhaQ34eWunuAcruCjRo1k:chM5TJifN0Q35ZuH3Ro

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.TrojanX-gen.15998.5489.dll

Files

SecuriteInfo.com.Win32.TrojanX-gen.15998.5489.dll
.dll windows x86

f83538eccac01067213e02f4ca25b91d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
RtlUnwind
InitializeCriticalSectionAndSpinCount
LoadLibraryA
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
IsDebuggerPresent
SetUnhandledExceptionFilter
IsValidLocale
GetCurrentProcess
TerminateProcess
WriteFile
HeapReAlloc
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize
GetLocaleInfoW
GetTimeZoneInformation
CompareStringA
HeapAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
CompareStringW
GetModuleHandleW
GetProcAddress
EnumSystemCodePagesW
VirtualFree
VirtualProtect
UnhandledExceptionFilter
VirtualAlloc
GetTickCount
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetModuleFileNameA
DeleteCriticalSection
GetCurrentThreadId
GetCommandLineA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
GetCurrentThread
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA

msi

ord136
ord124
ord8
ord85

resutils

ResUtilEnumPrivateProperties
ResUtilSetPrivatePropertyList
ResUtilGetDwordValue
ResUtilResourcesEqual
ClusWorkerCheckTerminate
ResUtilStopResourceService

rtm

RtmAddRoute
RtmBlockDeleteRoutes
RtmGetFirstRoute
RtmRegisterClient
RtmEnumerateGetNextRoute

oleaut32

BSTR_UserMarshal
VarCyAbs
VarUI1FromCy
BSTR_UserSize
BSTR_UserFree
VarUI2FromDisp
VarUI1FromR4
VarDecDiv
VarI2FromDate
VarBstrCat

crypt32

CertAlgIdToOID
CertVerifySubjectCertificateContext
CryptInstallOIDFunctionAddress
CertFreeCTLContext
CertSaveStore
CryptDecryptMessage
CertSetEnhancedKeyUsage
CertNameToStrA

rtutils

RouterLogEventDataA
RouterGetErrorStringW
TraceDeregisterExW
RouterLogEventStringA
RouterLogDeregisterA
RouterLogRegisterA
LogEventA
TraceVprintfExA
TraceRegisterExA

gdi32

GetGlyphOutlineW
GetGraphicsMode
RealizePalette
GetCharABCWidthsA
SetMapperFlags
SetViewportOrgEx
GetDCBrushColor
FrameRgn

ws2_32

socket
WSAStringToAddressA
select
WSAIsBlocking
WSASetServiceA
WSAInstallServiceClassW

mpr

WNetCloseEnum
WNetGetResourceParentA
WNetGetResourceParentW
WNetGetUserA

Exports

Exports

JKbtgdfd
_AllocateExecutableMemory@4
_AllocateMemory@4
_AllocateReadOnlyMemory@4
_ChangeMemoryProtection@16
_CompareMemory@12
_FindPattern@16
_FreeMemory@4
_GCopyMemory@12
_GFillMemory@12
_GMoveMemory@12
_GZeroMemory@8
_ReadMemory@12
_WriteMemory@12

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f83538eccac01067213e02f4ca25b91d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msi

resutils

rtm

oleaut32

crypt32

rtutils

gdi32

ws2_32

mpr

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 68KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 6KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 68KB - Virtual size: 68KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 6KB

.reloc
Size: 3KB - Virtual size: 3KB