SecuriteInfo[.]com[.]Win32[.]PWSX-gen[.]18899[.]5686[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.PWSX-gen.18899.5686.dll
Size

46KB
MD5

51df28ff4aa752c9ec3e7aa78fca32a6
SHA1

85dd02a685d6af1f65235c3d5fa099a6c6f80384
SHA256

f6f85660055449f6067caf1b7ac13ae1a689b0097c362c63667aba2e1f12f476
SHA512

8c68f1d9955c50af70103ee0f3cbdc4e3ff3dbcd8500115ac1f6746b47e9e40576f9bfeff18581984d30cf5243a0bd5a51780c20185c52d4f3f2401ee4465c2a
SSDEEP

768:MLS4WFkWFhTdW66YL36jOG7bYtEESAboWV2NKsEBsQyddjViPCZ:MLS4U9XbgdKQfu2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.PWSX-gen.18899.5686.dll

Files

SecuriteInfo.com.Win32.PWSX-gen.18899.5686.dll
.dll windows x86

e16bd71cc52f8b2347f0367958a2caa0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteConsoleW
GetProcAddress
GetModuleHandleW
SetFilePointerEx
VirtualFree
SetStdHandle
GetConsoleMode
VirtualAlloc
GetConsoleCP
FlushFileBuffers
LCMapStringEx
HeapSize
LoadLibraryW
OutputDebugStringW
GetStringTypeW
HeapReAlloc
HeapAlloc
RtlUnwind
LoadLibraryExW
GetModuleFileNameW
WriteFile
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
Sleep
TerminateProcess
GetCurrentProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount64
GetSystemTimeAsFileTime
QueryPerformanceCounter
HeapFree
GetCommandLineA
GetCurrentThreadId
GetLastError
SetLastError
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
CreateFileW

loadperf

LoadPerfCounterTextStringsW

avifil32

AVIStreamEndStreaming
AVIFileEndRecord
AVISaveV

msvfw32

DrawDibBegin
DrawDibDraw
DrawDibChangePalette

urlmon

CoInternetGetSession
FindMimeFromData
BindAsyncMoniker
ObtainUserAgentString

oleaut32

VarUI1FromUI4
VarDecFromUI1
VarBoolFromDate
LPSAFEARRAY_Marshal
VarI2FromBool
DispGetIDsOfNames
VarCyFromI4
VarDateFromStr

wininet

HttpSendRequestW
FtpFindFirstFileA
FindFirstUrlCacheEntryW
InternetGetCookieW
InternetReadFile
InternetSetOptionExA
InternetDial

mswsock

EnumProtocolsW
AcceptEx
GetServiceW
GetTypeByNameW
GetAddressByNameA
SetServiceW
rcmd
s_perror
rexec
GetTypeByNameA

odbc32

ord166
ord86
ord22
ord32
ord13
ord53
ord28
ord62

wsnmp32

ord201
ord204
ord502
ord220

Exports

Exports

Fosklcks

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e16bd71cc52f8b2347f0367958a2caa0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

loadperf

avifil32

msvfw32

urlmon

oleaut32

wininet

mswsock

odbc32

wsnmp32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 6KB - Virtual size: 5KB