SecuriteInfo[.]com[.]Win32[.]PWSX-gen[.]13517[.]31470[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.PWSX-gen.13517.31470.dll
Size

76KB
MD5

08e7cd43df2af18b15766a607d97edaa
SHA1

7f3e0f96f12f0029dca7526e431c2b34923138c0
SHA256

8fa8350adae9c5f771b4ca06db18a2b785486656d130709fb66d8a460a4707fb
SHA512

613f3aa5031d55e9fad7d55c519ef8dc1ce5a442ed374f80fb78b7014245a2c2abb7de402675517837df421635201df384b220b4c6780e0078dc444a492684fb
SSDEEP

1536:2lpGQIgcORfb7u/lGbfRcfZit1dsW3cdmEbpRxIXzbem:+0ZOf2/lGbAU12mEdjIXf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.PWSX-gen.13517.31470.dll

Files

SecuriteInfo.com.Win32.PWSX-gen.13517.31470.dll
.dll windows x86

1148116808daa700e5059fa51907e932

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

StrCmpNA
StrRChrW

kernel32

QueryPerformanceCounter
MoveFileExA
OutputDebugStringW
VirtualFree
GetModuleHandleW
GetProcAddress
GetModuleFileNameW
CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
BuildCommDCBA
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
LCMapStringW
GetModuleHandleExW
ExitProcess
RaiseException
LoadLibraryExW
FreeLibrary
TlsFree
LockResource
GetConsoleCursorInfo
InterlockedExchange
IsBadHugeWritePtr
CloseHandle
WriteConsoleW
HeapSize
DecodePointer
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
HeapAlloc
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RtlUnwind
GetLastError

shell32

DoEnvironmentSubstA
WOWShellExecute

msi

ord11
ord133
ord91
ord111
ord171
ord132
ord148
ord158
ord95

wininet

HttpSendRequestExW
InternetGetCookieW
FtpFindFirstFileA
InternetLockRequestFile
FreeUrlCacheSpaceW
InternetCanonicalizeUrlA
InternetCombineUrlA
InternetConfirmZoneCrossing
ReadUrlCacheEntryStream
HttpAddRequestHeadersW

mpr

WNetGetNetworkInformationA
WNetGetUniversalNameW
WNetGetNetworkInformationW
WNetGetResourceParentA
WNetConnectionDialog1A
WNetEnumResourceW

comdlg32

FindTextA
ReplaceTextW
ChooseColorA
PrintDlgA
GetFileTitleW
ReplaceTextA
PageSetupDlgA

user32

IsClipboardFormatAvailable
AdjustWindowRectEx
IMPGetIMEA
SendInput
OemToCharW
IsDialogMessageA

pdh

PdhGetDefaultPerfObjectA
PdhEnumMachinesA
PdhLookupPerfNameByIndexA
PdhValidatePathA
PdhVbOpenQuery
PdhParseCounterPathA
PdhMakeCounterPathA
PdhBrowseCountersA

setupapi

SetupDiAskForOEMDisk
SetupSetDirectoryIdExA
SetupGetFieldCount
SetupDiRemoveDevice
SetupDiGetClassDescriptionExA
SetupDiSetSelectedDriverA
SetupPromptReboot
SetupDiClassNameFromGuidExA

Exports

Exports

Fosklcks

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1148116808daa700e5059fa51907e932

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

shell32

msi

wininet

mpr

comdlg32

user32

pdh

setupapi

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 6KB