SecuriteInfo[.]com[.]Variant[.]Cerbu[.]181806[.]24975[.]16516[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Variant.Cerbu.181806.24975.16516.dll
Size

90KB
MD5

2c3446810e658ef2d584e8d9ebd57b57
SHA1

bdfdf1b9f705ec239825a1bbbd13488c75e021ce
SHA256

9c04badf89fa766885ad05082de8e91f69676e83eb41f8c6206623f4019394c6
SHA512

a2d6924b335f40e1873398e5d575f6d03af234234a21f062ae85140a082fe2d87e3ab07c6667e09b33b618d09438cb73c2b0ee57649987861c1823db7b74c431
SSDEEP

1536:olHRGZPvU5tww+9uyads7t9qKgb5Y62ur7oPUmT8tYu8K698tsWrnwcdbS+998mW:oRHfwdadsbqLbB7oPe56ybS+9mmgr90s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Variant.Cerbu.181806.24975.16516.dll

Files

SecuriteInfo.com.Variant.Cerbu.181806.24975.16516.dll
.dll windows x86

fb8a80b0fe085dc3c95842d94bc1ac66

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imm32

ImmGetRegisterWordStyleA
ImmIsIME
ImmGetRegisterWordStyleW
ImmSetCompositionStringA
ImmGetDescriptionA
ImmGetGuideLineW
ImmGetIMCCSize
ImmReleaseContext

kernel32

LCMapStringW
GetThreadTimes
FindAtomA
GetProfileStringA
SetErrorMode
DosDateTimeToFileTime
VirtualAlloc
VirtualFree
GetModuleHandleExW
LoadResource
LockResource
SizeofResource
FindResourceW
DecodePointer
EncodePointer
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleFileNameW
HeapFree
HeapAlloc
RaiseException

urlmon

CoInternetGetSecurityUrl
CoInternetParseUrl
URLOpenPullStreamW
IsLoggingEnabledA
BindAsyncMoniker
RegisterFormatEnumerator
RegisterBindStatusCallback
URLOpenStreamA

wininet

CreateUrlCacheContainerA
InternetSetOptionW
InternetOpenW
InternetSetStatusCallback
InternetAttemptConnect
HttpSendRequestW
InternetAutodialHangup
FtpDeleteFileA

pdh

PdhGetDllVersion
PdhGetDefaultPerfCounterA
PdhGetCounterInfoW
PdhOpenQuery
PdhGetDefaultPerfCounterW
PdhOpenLogW
PdhSelectDataSourceW

wsnmp32

ord105
ord400
ord220
ord606
ord501
ord600
ord202
ord401
ord906

msacm32

acmFilterTagDetailsW
acmDriverDetailsW
acmDriverID
acmDriverAddW
acmFormatSuggest
acmFormatTagEnumW
acmFormatEnumW

Exports

Exports

HvTkcoed

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb8a80b0fe085dc3c95842d94bc1ac66

Headers

DLL Characteristics

File Characteristics

Imports

imm32

kernel32

urlmon

wininet

pdh

wsnmp32

msacm32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 208B

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 208B

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 3KB