SecuriteInfo[.]com[.]Win32[.]PWSX-gen[.]20302[.]26535

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.PWSX-gen.20302.26535
Size

86KB
MD5

0329ad0ec581cf3cfbb4aafa6f7f64c7
SHA1

bd8364451ec038bea0d1e840a18e71c5ed3a6bf6
SHA256

1e1b4481ba7d52b87ebb7d57e8421d9fd26912ce371f389f5e30955da7764a6c
SHA512

93e430153a2f792a7478db091f97b6ff784a331b54384102eb6b9468a8de06247fd816d1d6fd18795671e52952850b7a158074486ab1e227cc634c9d87f89722
SSDEEP

1536:4qK6tA+BrbP1ATlcm/GWneYp2C8TUH000yoh8FihG7lsWkcdb1wefqCKMS6:4GR2TlcnWnkTUHAei0bGefWx6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.PWSX-gen.20302.26535

Files

SecuriteInfo.com.Win32.PWSX-gen.20302.26535
.dll windows x86

511ba0baedaf264bc97c76c3c4d2b936

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathAddExtensionA
PathMakePrettyA
StrRChrW
PathStripPathW

kernel32

VirtualAlloc
VirtualFree
GetModuleHandleExW
LoadResource
LockResource
SizeofResource
FindResourceW
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
CloseHandle
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
WriteConsoleW
EncodePointer
DecodePointer
HeapSize
SetUnhandledExceptionFilter
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapAlloc
HeapFree
GetModuleFileNameW
ExitProcess
LoadLibraryExW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
RaiseException
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress

pdh

PdhMakeCounterPathA
PdhGetDllVersion
PdhVbOpenQuery
PdhGetRawCounterArrayA

wsnmp32

ord905
ord900
ord101
ord103
ord906
ord904
ord200

mswsock

GetAddressByNameW
GetNameByTypeA
s_perror
SetServiceA
EnumProtocolsW

mscms

OpenColorProfileW
GetColorDirectoryA
GetPS2ColorSpaceArray
TranslateBitmapBits
CheckBitmapBits
CreateColorTransformA
CreateProfileFromLogColorSpaceW
AssociateColorProfileWithDeviceW

msacm32

acmFilterChooseA
acmFilterTagDetailsW
acmMessage32
acmDriverEnum

comdlg32

GetSaveFileNameW
GetOpenFileNameA
ChooseColorW
PageSetupDlgW

oleaut32

ClearCustData
VarI4FromCy
VarI4FromStr
VarBoolFromR8
VarR4FromI2
VarCyMul

winmm

wid32Message
timeGetTime
mixerClose
waveInClose
waveInMessage

Exports

Exports

HvTkcoed

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

511ba0baedaf264bc97c76c3c4d2b936

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

pdh

wsnmp32

mswsock

mscms

msacm32

comdlg32

oleaut32

winmm

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 208B

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 208B

.rsrc
Size: 7KB - Virtual size: 6KB