SecuriteInfo[.]com[.]Trojan[.]Loader[.]1657[.]22144[.]9974[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Trojan.Loader.1657.22144.9974.dll
Size

12KB
MD5

180db05e55985ec9b76f1c40cd91e008
SHA1

a69e9d1384dfe5891ab48085b9f3129aaf56379b
SHA256

cb17172b487bf4e118a6a243eb111628889efbf94844c9a57e80e73b9c51e9f6
SHA512

c7a3c35a1475ef448127185d8219eab88b7aeee5b3390e7b9eb863ab0221c868ce7303f54e8b51b9c885951d996c3c4b1358e8400dd4095bb53e8f0da9066046
SSDEEP

192:vcOMVONtmUVX1BpxmHxOqGgqEp4byOWmj+AdogYiUGRBQie:v3nyqlROxOcAOOWVcY0BQie

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Trojan.Loader.1657.22144.9974.dll

Files

SecuriteInfo.com.Trojan.Loader.1657.22144.9974.dll
.dll windows:5 windows x86

6b2143eb6bf3b6b18e23ff7de66e6891

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCPInfoExW
MoveFileWithProgressA
GetVersionExA
GetFileAttributesExW
GetDefaultCommConfigA
Sleep
VirtualAlloc
IsProcessorFeaturePresent
lstrlen
GetModuleHandleW

mswsock

GetAddressByNameA
rexec
WSARecvEx
AcceptEx

crypt32

CertAddCRLContextToStore

mpr

WNetCancelConnection2A
WNetGetResourceParentA
WNetAddConnectionA
WNetGetLastErrorW
WNetOpenEnumA

setupapi

SetupDiClassGuidsFromNameExA
SetupGetInfFileListA
InstallHinfSectionA
SetupRemoveFromSourceListW
SetupGetSourceFileSizeA
SetupGetInfInformationW
SetupDiCallClassInstaller
SetupRenameErrorA
SetupInstallFileA

oleaut32

VarAnd
VarDecMul
VarI4FromDec
VarI4FromCy
VarR8FromI1
VarUI1FromUI4
VarDecFromStr

ws2_32

WSAStringToAddressA
WSARecvDisconnect
socket
WSANtohs
WSAGetOverlappedResult
getprotobynumber
WSASetServiceA
WSAHtons
__WSAFDIsSet

wlanapi

WlanFreeMemory
WlanConnect
WlanEnumInterfaces
WlanDisconnect
WlanQueryInterface
WlanOpenHandle
WlanCloseHandle

Exports

Exports

HvTkcoed
_wifi_cleanup@0
_wifi_connect@8
_wifi_disconnect@0
_wifi_get_signal_strength@0
_wifi_initialize@0

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 286B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6b2143eb6bf3b6b18e23ff7de66e6891

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mswsock

crypt32

mpr

setupapi

oleaut32

ws2_32

wlanapi

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 6KB - Virtual size: 5KB

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 512B - Virtual size: 286B

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 6KB - Virtual size: 5KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 512B - Virtual size: 286B