SecuriteInfo[.]com[.]BackDoor[.]Tordev[.]866[.]2452[.]20017[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.BackDoor.Tordev.866.2452.20017.dll
Size

4.3MB
MD5

9fed911957cafa06cb42bd85a06838dd
SHA1

f7e0cebe9cb2a29dc52d3e39bf5208fa0ce687e1
SHA256

cc7480bd5bacd2836a0e21bc74627d032f9d0eb9b630222606cd5fec9f982528
SHA512

17962e92438b2e933d7bf749f1334a36949a917df3e4b1f112ff92abf4d85e6168cf8368f4f49303f4ac7a3adffb9fd0e49a3121ce0153d9b9a63b8af6fb92be
SSDEEP

98304:KyKMaL/eXV1i/kDxkmcL/eXV1i/kaRWYL/eXV1i/kmeM1qj4iwiANvSo2/CAysyx:KyKnZrrLGA3PhsK7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.BackDoor.Tordev.866.2452.20017.dll

Files

SecuriteInfo.com.BackDoor.Tordev.866.2452.20017.dll
.dll windows:6 windows x86

bb2ed76d276846ebda271332ca1302b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

RtlUnwind
RtlSetLastWin32Error
NlsAnsiCodePage
_aulldvrm
_wtoi
_alldiv
wcsncpy_s
iswspace
qsort
LdrFlushAlternateResourceModules
RtlCheckRegistryKey
RtlMultiByteToUnicodeSize
RtlPcToFileHeader
wcsrchr
RtlImageNtHeader
NtRaiseHardError
wcsncat_s
RtlIsNameLegalDOS8Dot3
strrchr
sscanf_s
strcpy_s
RtlSizeHeap
RtlGetThreadLangIdByIndex
RtlRunEncodeUnicodeString
RtlRunDecodeUnicodeString
RtlReAllocateHeap
CsrAllocateMessagePointer
RtlAllocateAndInitializeSid
RtlFreeSid
CsrAllocateCaptureBuffer
CsrCaptureMessageBuffer
CsrFreeCaptureBuffer
RtlNtStatusToDosError
NtOpenThreadToken
NtOpenProcessToken
NtQueryInformationToken
CsrClientCallServer
memmove
NtCallbackReturn
_allmul
RtlUnicodeToMultiByteSize
RtlInitializeCriticalSection
NtQuerySystemInformation
RtlDeleteCriticalSection
RtlGetIntegerAtom
_stricmp
_wcsicmp
CsrClientConnectToServer
RtlIsThreadWithinLoaderCallout
NtYieldExecution
NtCreateKey
NtSetValueKey
NtDeleteValueKey
NtOpenDirectoryObject
wcstoul
NtVdmControl
_vsnwprintf
RtlQueryInformationActiveActivationContext
RtlCreateUnicodeStringFromAsciiz
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlFreeUnicodeString
NtSetSecurityObject
NtQuerySecurityObject
NtQueryInformationProcess
wcstol
RtlActivateActivationContextUnsafeFast
RtlDeactivateActivationContextUnsafeFast
RtlFindActivationContextSectionString
RtlReleaseActivationContext
RtlMultiByteToUnicodeN
RtlUnicodeToMultiByteN
RtlLeaveCriticalSection
RtlEnterCriticalSection
memset
memcpy
RtlAllocateHeap
RtlFreeHeap
RtlOpenCurrentUser
NtEnumerateKey
wcscpy_s
wcscat_s
NtOpenKey
NtClose
NtQueryValueKey
swprintf_s
RtlInitUnicodeString
RtlUnicodeStringToInteger

gdi32

CreateFontIndirectW
GetClipRgn
ExtSelectClipRgn
GetHFONT
GetMapMode
SetGraphicsMode
GetClipBox
CreateRectRgn
CreateRectRgnIndirect
SetLayout
GetBoundsRect
ExcludeClipRect
PlayEnhMetaFile
Ellipse
CreateEllipticRgn
GdiFixUpHandle
CreatePen
Rectangle
GetTextCharacterExtra
SetTextCharacterExtra
GetCurrentObject
GetViewportOrgEx
SetViewportOrgEx
PolyPatBlt
CreateBrushIndirect
SetBoundsRect
CopyEnhMetaFileW
CopyMetaFileW
GetPaletteEntries
CreatePalette
SetPaletteEntries
GetPixel
ExtTextOutA
GetTextCharsetInfo
QueryFontAssocStatus
GetCharWidthInfo
GetCharWidthA
GetTextFaceW
GetCharABCWidthsA
GetCharABCWidthsW
SetBrushOrgEx
EnumFontsW
GetTextFaceAliasW
GetTextMetricsW
GetTextColor
GdiGetCodePage
GetTextCharset
GetBkMode
GetViewportExtEx
GetWindowExtEx
GdiGetCharDimensions
GdiPrinterThunk
GdiLoadType1Fonts
GdiAddFontResourceW
TranslateCharsetInfo
SaveDC
OffsetWindowOrgEx
RestoreDC
ExtTextOutW
GetDIBits
CreateDIBSection
SetStretchBltMode
SelectPalette
RealizePalette
SetDIBits
CreateDCW
CreateDIBitmap
CreateCompatibleBitmap
SetBitmapBits
DeleteDC
GdiValidateHandle
GdiDllInitialize
GdiProcessSetup
GetStockObject
CreateSolidBrush
CreateCompatibleDC
GdiConvertBitmapV5
GdiCreateLocalEnhMetaFile
GdiCreateLocalMetaFilePict
GetRgnBox
CombineRgn
OffsetRgn
MirrorRgn
EnableEUDC
GdiConvertToDevmodeW
GetTextExtentPointA
GetTextExtentPointW
CreateBitmap
SetLayoutWidth
PatBlt
TextOutA
TextOutW
SetTextAlign
GetTextAlign
IntersectClipRect
SelectObject
SetBkMode
GetBkColor
GetObjectW
SetTextColor
SetBkColor
GetLayout
StretchDIBits
GetDeviceCaps
GetDIBColorTable
GdiGetBitmapBitsSize
DeleteObject
DeleteMetaFile
DeleteEnhMetaFile
GdiConvertMetaFilePict
GdiConvertEnhMetaFile
GdiReleaseDC
StretchBlt
GetObjectType
GdiConvertAndCheckDC
SetRectRgn
BitBlt

kernel32

SetLastError
InterlockedDecrement
InterlockedIncrement
GetACP
LocalReAlloc
LocalLock
LocalUnlock
LocalSize
LoadAppInitDlls
GetCurrentThreadId
GetModuleHandleW
QueryActCtxSettingsW
RegisterWaitForInputIdle
SizeofResource
LoadResource
LoadStringBaseExW
FindResourceExW
FindResourceExA
DisableThreadLibraryCalls
IsDBCSLeadByteEx
GetSystemDirectoryW
SearchPathW
ExpandEnvironmentStringsW
LoadLibraryExW
GlobalAddAtomW
GetCurrentProcess
GetCurrentThread
ExitThread
GetExitCodeThread
CreateThread
GlobalHandle
FoldStringW
Sleep
GetStringTypeW
GetStringTypeA
GetCPInfo
CompareStringW
FindResourceW
CloseHandle
ReadFile
SetFileTime
EnumResourceNamesExW
CreateProcessW
GetSystemWindowsDirectoryW
AddAtomA
AddAtomW
GetAtomNameA
GetAtomNameW
IsValidLocale
ConvertDefaultLocale
GetCurrentDirectoryW
SetCurrentDirectoryW
lstrlenW
GetLogicalDrives
FindClose
FindNextFileW
FindFirstFileW
GetThreadLocale
MulDiv
ProcessIdToSessionId
GetCurrentProcessId
WerpNotifyUseStringResource
InterlockedCompareExchange
IsDBCSLeadByte
GetVersionExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryInfoKeyW
GetSystemDefaultLangID
WerpNotifyLoadStringResource
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingW
LCMapStringW
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
lstrlenA
GlobalFindAtomA
GetModuleFileNameA
GetModuleHandleA
GlobalAddAtomA
DelayLoadFailureHook
LoadLibraryExA
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalFindAtomW
GetPrivateProfileStringW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyExW
GetUserDefaultLCID
GlobalUnlock
GlobalLock
GlobalSize
LocalFree
GlobalDeleteAtom
LocalAlloc
DeleteAtom
FreeLibrary
GetProcAddress
LoadLibraryW
InterlockedExchange
GlobalGetAtomNameA
GlobalGetAtomNameW
GetModuleFileNameW
GlobalFree
GetLocaleInfoW
GlobalFlags
WideCharToMultiByte
GetLastError
GetOEMCP
GlobalReAlloc
MultiByteToWideChar
GlobalAlloc
WaitForMultipleObjectsEx
SetEvent
CreateFileW
lstrcmpiW
WritePrivateProfileStringW

Exports

Exports

ActivateKeyboardLayout
AddClipboardFormatListener
AdjustWindowRect
AdjustWindowRectEx
AlignRects
AllowForegroundActivation
AllowSetForegroundWindow
AnimateWindow
AnyPopup
AppendMenuA
AppendMenuW
ArrangeIconicWindows
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BlockInput
BringWindowToTop
BroadcastSystemMessage
BroadcastSystemMessageA
BroadcastSystemMessageExA
BroadcastSystemMessageExW
BroadcastSystemMessageW
BuildReasonArray
CalcMenuBar
CalculatePopupWindowPosition
CallMsgFilter
CallMsgFilterA
CallMsgFilterW
CallNextHookEx
CallWindowProcA
CallWindowProcW
CancelShutdown
CascadeChildWindows
CascadeWindows
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuA
ChangeMenuW
ChangeWindowMessageFilter
ChangeWindowMessageFilterEx
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckDesktopByThreadId
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
CheckWindowThreadDesktop
ChildWindowFromPoint
ChildWindowFromPointEx
CliImmSetHotKey
ClientThreadSetup
ClientToScreen
ClipCursor
CloseClipboard
CloseDesktop
CloseGestureInfoHandle
CloseTouchInputHandle
CloseWindow
CloseWindowStation
ConsoleControl
ControlMagnification
CopyAcceleratorTableA
CopyAcceleratorTableW
CopyIcon
CopyImage
CopyRect
CountClipboardFormats
CreateAcceleratorTableA
CreateAcceleratorTableW
CreateCaret
CreateCursor
CreateDesktopA
CreateDesktopExA
CreateDesktopExW
CreateDesktopW
CreateDialogIndirectParamA
CreateDialogIndirectParamAorW
CreateDialogIndirectParamW
CreateDialogParamA
CreateDialogParamW
CreateIcon
CreateIconFromResource
CreateIconFromResourceEx
CreateIconIndirect
CreateMDIWindowA
CreateMDIWindowW
CreateMenu
CreatePopupMenu
CreateSystemThreads
CreateWindowExA
CreateWindowExW
CreateWindowStationA
CreateWindowStationW
CsrBroadcastSystemMessageExW
CtxInitUser32
DdeAbandonTransaction
DdeAccessData
DdeAddData
DdeClientTransaction
DdeCmpStringHandles
DdeConnect
DdeConnectList
DdeCreateDataHandle
DdeCreateStringHandleA
DdeCreateStringHandleW
DdeDisconnect
DdeDisconnectList
DdeEnableCallback
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeGetQualityOfService
DdeImpersonateClient
DdeInitializeA
DdeInitializeW
DdeKeepStringHandle
DdeNameService
DdePostAdvise
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringA
DdeQueryStringW
DdeReconnect
DdeSetQualityOfService
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefDlgProcA
DefDlgProcW
DefFrameProcA
DefFrameProcW
DefMDIChildProcA
DefMDIChildProcW
DefRawInputProc
DefWindowProcA
DefWindowProcW
DeferWindowPos
DeleteMenu
DeregisterShellHookWindow
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyReasons
DestroyWindow
DeviceEventWorker
DialogBoxIndirectParamA
DialogBoxIndirectParamAorW
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DisableProcessWindowsGhosting
DispatchMessageA
DispatchMessageW
DisplayConfigGetDeviceInfo
DisplayConfigSetDeviceInfo
DisplayExitWindowsWarnings
DlgDirListA
DlgDirListComboBoxA
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectComboBoxExA
DlgDirSelectComboBoxExW
DlgDirSelectExA
DlgDirSelectExW
DoSoundConnect
DoSoundDisconnect
DragDetect
DragObject
DrawAnimatedRects
DrawCaption
DrawCaptionTempA
DrawCaptionTempW
DrawEdge
DrawFocusRect
DrawFrame
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawMenuBarTemp
DrawStateA
DrawStateW
DrawTextA
DrawTextExA
DrawTextExW
DrawTextW
DwmGetDxSharedSurface
DwmStartRedirection
DwmStopRedirection
EditWndProc
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndMenu
EndPaint
EndTask
EnterReaderModeHelper
EnumChildWindows
EnumClipboardFormats
EnumDesktopWindows
EnumDesktopsA
EnumDesktopsW
EnumDisplayDevicesA
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsA
EnumDisplaySettingsExA
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumPropsA
EnumPropsExA
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsA
EnumWindowStationsW
EnumWindows
EqualRect
ExcludeUpdateRgn
ExitWindowsEx
FillRect
FindWindowA
FindWindowExA
FindWindowExW
FindWindowW
FlashWindow
FlashWindowEx
FrameRect
FreeDDElParam
FrostCrashedWindow
GetActiveWindow
GetAltTabInfo
GetAltTabInfoA
GetAltTabInfoW
GetAncestor
GetAppCompatFlags
GetAppCompatFlags2
GetAsyncKeyState
GetCapture
GetCaretBlinkTime
GetCaretPos
GetClassInfoA
GetClassInfoExA
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClassLongW
GetClassNameA
GetClassNameW
GetClassWord
GetClientRect
GetClipCursor
GetClipboardData
GetClipboardFormatNameA
GetClipboardFormatNameW
GetClipboardOwner
GetClipboardSequenceNumber
GetClipboardViewer
GetComboBoxInfo
GetCursor
GetCursorFrameInfo
GetCursorInfo
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDisplayConfigBufferSizes
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetGUIThreadInfo
GetGestureConfig
GetGestureExtraArgs
GetGestureInfo
GetGuiResources
GetIconInfo
GetIconInfoExA
GetIconInfoExW
GetInputDesktop
GetInputLocaleInfo
GetInputState
GetInternalWindowPos
GetKBCodePage
GetKeyNameTextA
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetLastInputInfo
GetLayeredWindowAttributes
GetListBoxInfo
GetMagnificationDesktopColorEffect
GetMagnificationDesktopMagnification
GetMagnificationLensCtxInformation
GetMenu
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuInfo
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringA
GetMenuStringW
GetMessageA
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoA
GetMonitorInfoW
GetMouseMovePointsEx
GetNextDlgGroupItem
GetNextDlgTabItem
GetOpenClipboardWindow
GetParent
GetPhysicalCursorPos
GetPriorityClipboardFormat
GetProcessDefaultLayout
GetProcessWindowStation
GetProgmanWindow
GetPropA
GetPropW
GetQueueStatus
GetRawInputBuffer
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetReasonTitleFromReasonCode
GetRegisteredRawInputDevices
GetScrollBarInfo
GetScrollInfo
GetScrollPos
GetScrollRange
GetSendMessageReceiver
GetShellWindow
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTabbedTextExtentA
GetTabbedTextExtentW
GetTaskmanWindow
GetThreadDesktop
GetTitleBarInfo
GetTopLevelWindow
GetTopWindow
GetTouchInputInfo
GetUpdateRect
GetUpdateRgn
GetUpdatedClipboardFormats
GetUserObjectInformationA
GetUserObjectInformationW
GetUserObjectSecurity
GetWinStationInfo
GetWindow
GetWindowCompositionAttribute
GetWindowCompositionInfo
GetWindowContextHelpId
GetWindowDC
GetWindowDisplayAffinity
GetWindowInfo
GetWindowLongA
GetWindowLongW
GetWindowMinimizeRect
GetWindowModuleFileName
GetWindowModuleFileNameA
GetWindowModuleFileNameW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowRgnBox
GetWindowRgnEx
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GetWindowWord
GhostWindowFromHungWindow
GrayStringA
GrayStringW
HideCaret
HiliteMenuItem
HungWindowFromGhostWindow
IMPGetIMEA
IMPGetIMEW
IMPQueryIMEA
IMPQueryIMEW
IMPSetIMEA
IMPSetIMEW
ImpersonateDdeClientWindow
InSendMessage
InSendMessageEx
InflateRect
InitializeLpkHooks
InsertMenuA
InsertMenuItemA
InsertMenuItemW
InsertMenuW
InternalGetWindowIcon
InternalGetWindowText
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsCharAlphaA
IsCharAlphaNumericA
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerA
IsCharLowerW
IsCharUpperA
IsCharUpperW
IsChild
IsClipboardFormatAvailable
IsDialogMessage
IsDialogMessageA
IsDialogMessageW
IsDlgButtonChecked
IsGUIThread
IsHungAppWindow
IsIconic
IsMenu
IsProcessDPIAware
IsRectEmpty
IsSETEnabled
IsServerSideWindow
IsThreadDesktopComposited
IsTopLevelWindow
IsTouchWindow
IsWinEventHookInstalled
IsWindow
IsWindowEnabled
IsWindowInDestroy
IsWindowRedirectedForPrint
IsWindowUnicode
IsWindowVisible
IsWow64Message
IsZoomed
KillTimer
LoadAcceleratorsA
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorFromFileA
LoadCursorFromFileW
LoadCursorW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
LoadKeyboardLayoutA
LoadKeyboardLayoutEx
LoadKeyboardLayoutW
LoadLocalFonts

Sections

.text
Size: 414KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb2ed76d276846ebda271332ca1302b8

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

gdi32

kernel32

Exports

Exports

Sections

.text Size: 414KB - Virtual size: 413KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 361KB - Virtual size: 360KB

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 414KB - Virtual size: 413KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 361KB - Virtual size: 360KB

.reloc
Size: 12KB - Virtual size: 12KB