SecuriteInfo[.]com[.]Win32[.]PWSX-gen[.]24106[.]24902

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.PWSX-gen.24106.24902
Size

75KB
MD5

6527c67785f7f845c419eafa42fcac80
SHA1

a84761d96f8be76fe112b92384d776a5d37c8a1f
SHA256

5052c5afbe6ab1a3d27606c985848cb3ab2da75eb5f338b9daf5d91f5b36622b
SHA512

16e1580c78a2cd1fafc123531c5df99843540b5d4e5ffce5fd9b3e95177644cb87890a0b03d54853314f57d0d001f7a779832b81d2d0a78140a4823347451544
SSDEEP

1536:flpGQIgcORfb7u/lGbfRcfZit1dsW3cdmibplg:d0ZOf2/lGbAU12midW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.PWSX-gen.24106.24902

Files

SecuriteInfo.com.Win32.PWSX-gen.24106.24902
.dll windows x86

1148116808daa700e5059fa51907e932

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrCmpNA
StrRChrW

kernel32

QueryPerformanceCounter
MoveFileExA
OutputDebugStringW
VirtualFree
GetModuleHandleW
GetProcAddress
GetModuleFileNameW
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
BuildCommDCBA
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
LCMapStringW
GetModuleHandleExW
ExitProcess
RaiseException
LoadLibraryExW
FreeLibrary
TlsFree
LockResource
GetConsoleCursorInfo
InterlockedExchange
IsBadHugeWritePtr
CloseHandle
WriteConsoleW
HeapSize
DecodePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
HeapAlloc
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RtlUnwind
GetLastError

shell32

DoEnvironmentSubstA
WOWShellExecute

msi

ord11
ord133
ord91
ord111
ord171
ord132
ord148
ord158
ord95

wininet

HttpSendRequestExW
InternetGetCookieW
FtpFindFirstFileA
InternetLockRequestFile
FreeUrlCacheSpaceW
InternetCanonicalizeUrlA
InternetCombineUrlA
InternetConfirmZoneCrossing
ReadUrlCacheEntryStream
HttpAddRequestHeadersW

mpr

WNetGetNetworkInformationA
WNetGetUniversalNameW
WNetGetNetworkInformationW
WNetGetResourceParentA
WNetConnectionDialog1A
WNetEnumResourceW

comdlg32

FindTextA
ReplaceTextW
ChooseColorA
PrintDlgA
GetFileTitleW
ReplaceTextA
PageSetupDlgA

user32

IsClipboardFormatAvailable
AdjustWindowRectEx
IMPGetIMEA
SendInput
OemToCharW
IsDialogMessageA

pdh

PdhGetDefaultPerfObjectA
PdhEnumMachinesA
PdhLookupPerfNameByIndexA
PdhValidatePathA
PdhVbOpenQuery
PdhParseCounterPathA
PdhMakeCounterPathA
PdhBrowseCountersA

setupapi

SetupDiAskForOEMDisk
SetupSetDirectoryIdExA
SetupGetFieldCount
SetupDiRemoveDevice
SetupDiGetClassDescriptionExA
SetupDiSetSelectedDriverA
SetupPromptReboot
SetupDiClassNameFromGuidExA

Exports

Exports

Fosklcks

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1148116808daa700e5059fa51907e932

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

shell32

msi

wininet

mpr

comdlg32

user32

pdh

setupapi

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 5KB