SecuriteInfo[.]com[.]PUA[.]Adstantinko[.]9616[.]6257

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.PUA.Adstantinko.9616.6257
Size

142KB
MD5

9853155dadf1092b2c6c93a7fcba241a
SHA1

29ee3e925339eac8ba80eeebbc7ffc7f86d5bb79
SHA256

5dce23221c5c4ce62fb33f2de5438ae15b86d796c39091cfb495ca01f8eb04c2
SHA512

7695b7ad99833f4e1f61e0cac83e84f8ee96e84c5645831164e62209603ee53fad285cea8aa8c18027d0ff029593771d445de0a142b9a39efb80f866c8645efe
SSDEEP

3072:AN2lDKBApWugqRjDJdrijIY/ApAvYy9eUyRzPg:ANOWudTdreN4pkD8/o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.PUA.Adstantinko.9616.6257

Files

SecuriteInfo.com.PUA.Adstantinko.9616.6257
.dll windows:5 windows x86

18fd1b1ec5b58182b9186e8627d5abfb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLocalTime
DeleteCriticalSection
TlsGetValue
QueryPerformanceCounter
SetEvent
TlsSetValue
TerminateThread
Sleep
GetProcAddress
ResetEvent
LoadLibraryA
CreateEventW
WaitForMultipleObjects
QueryPerformanceFrequency
GetCurrentThreadId
TlsAlloc
CloseHandle
GetModuleFileNameA
GetFullPathNameA
CreateFileW
HeapSize
GetProcessHeap
SetEndOfFile
GetStringTypeW
LCMapStringW
WriteConsoleW
LoadLibraryW
HeapReAlloc
GetCurrentProcessId
GetTickCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
RaiseException
CreateFileA
SetStdHandle
SetFilePointer
ReadFile
MultiByteToWideChar
GetModuleFileNameW
HeapDestroy
HeapCreate
IsProcessorFeaturePresent
GetTimeZoneInformation
SetLastError
GetLastError
GetFileAttributesA
CreateDirectoryA
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
ExitThread
ResumeThread
CreateThread
GetFileType
SetEnvironmentVariableA
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
GetModuleHandleW
ExitProcess
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsFree
CompareStringW

winmm

timeGetTime

ws2_32

connect
WSAStartup
inet_addr
select
WSAGetLastError
htons
setsockopt
WSACleanup
recv
socket
__WSAFDIsSet
closesocket
gethostbyname
send
ioctlsocket

Exports

Exports

CreateQueryObject

Sections

.text
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18fd1b1ec5b58182b9186e8627d5abfb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winmm

ws2_32

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 109KB

.rdata Size: 16KB - Virtual size: 16KB

.data Size: 6KB - Virtual size: 18KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 109KB - Virtual size: 109KB

.rdata
Size: 16KB - Virtual size: 16KB

.data
Size: 6KB - Virtual size: 18KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 8KB - Virtual size: 8KB