SecuriteInfo[.]com[.]Trojan[.]Win32[.]Sasfis[.]29679[.]86[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Win32.Sasfis.29679.86.dll
Size

2.2MB
MD5

22f272522cd3f367f332985987eb7488
SHA1

d8dd99b63e06525e2a14da46dc8ac12600410066
SHA256

51f8d9f00d44e561dced4a75baa285f0dafed6f176dc0d446731e18597b7eb53
SHA512

777c0686d93f2004b5badca6c0d3e983ad620912eb8e51a86df096e8534fd80de3e21d1db10515172d4db6dd0c796249826e7196a097138a4ac0a9645e6e5613
SSDEEP

49152:cAdf809jidYC2tHqPDVbm+s8KuqGaX0ToIBAUZLYkHgAfOyG:cAdf809jidYC2tHqPDXJBAUZL6AO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Win32.Sasfis.29679.86.dll

Files

SecuriteInfo.com.Trojan.Win32.Sasfis.29679.86.dll
.dll windows:5 windows x86

63bc622ddbb364868c646ebb5f982ffe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
LocalAlloc
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

Compress
CreateCompression
CreateDecompression
DeInitCompression
DeInitDecompression
Decompress
DestroyCompression
DestroyDecompression
InitCompression
InitDecompression
ResetCompression
ResetDecompression

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ