SecuriteInfo[.]com[.]Win32[.]RATX-gen[.]9691[.]30421[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

SecuriteInfo.com.Win32.RATX-gen.9691.30421.dll
Size

43KB
MD5

181929bb4cc45d3583ea4452612bfa64
SHA1

6e70dddc36940eed54a667ce78aa3e472588bf69
SHA256

a556e576a196de79eb772e958dd89208d946cd08e1b74d7faa5dc1d910f31e69
SHA512

b36e65c2d1ec713bfcde32eb3adfd38d965f7a71b62b60c3c02723924770b6f809a197ee78f1cc443b596fc5398f304c0b1f8b33a0f7a8ea8563cf52eddba63e
SSDEEP

768:lPQWf8Yz6SjdpZ4mKbYAhEpAxPzsWXNK/3Y0Ic6Ify150L7cW:lIxYuSxT4mgBs/h6ayn0L7cW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.RATX-gen.9691.30421.dll

Files

SecuriteInfo.com.Win32.RATX-gen.9691.30421.dll
.dll windows x86

9f2a044c5a9b147f9099a1ace064f9a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
Process32First
GetShortPathNameA
MoveFileWithProgressA
FlushViewOfFile
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
InitOnceExecuteOnce
GetFileType
LCMapStringEx
LoadLibraryW
OutputDebugStringW
GetStringTypeW
WideCharToMultiByte
RtlUnwind
HeapAlloc
LoadLibraryExW
GetModuleFileNameW
WriteFile
GetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
Sleep
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TerminateProcess
GetCurrentProcess
GetLastError
HeapFree
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
DecodePointer
SetLastError
InterlockedIncrement
InterlockedDecrement
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlsGetValue
FlsSetValue
CreateFileW

comdlg32

PageSetupDlgW
FindTextA
PrintDlgW
CommDlgExtendedError
ChooseFontA
PrintDlgExW

shell32

SHGetFileInfo
ExtractIconA
SHBrowseForFolderW

resutils

ClusWorkerCreate
ResUtilEnumProperties
ResUtilGetAllProperties
ResUtilGetSzValue

user32

GetMenuStringW
CallMsgFilterW
DdeEnableCallback
PackDDElParam
DdeGetLastError
GetAltTabInfoA
DestroyIcon
TabbedTextOutW
CharToOemBuffA
GetDlgItemTextW
CheckRadioButton
GetTitleBarInfo
CreateCaret
DdeInitializeA
DeferWindowPos

oleaut32

VarFormat
VarI4FromDisp
VarBoolFromStr
VarDateFromDisp
VarI2FromDec
VarI2FromDate
VarBstrFromI1
VarCyFromUI1
VarDecFromUI2
VarI2FromStr
VarFix

winmm

DrvGetModuleHandle
joyReleaseCapture
midiInOpen
waveInGetDevCapsA
waveInGetID
midiOutCacheDrumPatches

ws2_32

WSACancelAsyncRequest
WSADuplicateSocketA
WSALookupServiceBeginW
connect
WSAAsyncGetServByName
setsockopt

Exports

Exports

HvTkcoed

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f2a044c5a9b147f9099a1ace064f9a2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comdlg32

shell32

resutils

user32

oleaut32

winmm

ws2_32

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 9KB - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 480B