SecuriteInfo[.]com[.]Heuristic[.]HEUR[.]AGEN[.]1302310[.]14380[.]28500[.]dll

General

Target

SecuriteInfo.com.Heuristic.HEUR.AGEN.1302310.14380.28500.dll
Size

80KB
MD5

b8231adde8a2a1b2e9bcafdeaf012903
SHA1

e5a9ca1f66d2d20e5404a9a656afc01646bc41be
SHA256

11b008f9aafa427ce8446ed6570bb0bdca189444f54a951ddf490a096fffbb24
SHA512

51aa1f65ce3753761582313436c8fdb85d1660e8ecb9b03d17a0efe8e3b6863bdfaed04ec2f078ae1c8269373aecb3fae1d5fd8459222a5b591d2e1ed7128856
SSDEEP

1536:U36bYl4hZW9lW8UzggJ75lLxsEQ3REW1qhm0:UqbY2hZW9la7rlLxCRECs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Heuristic.HEUR.AGEN.1302310.14380.28500.dll

Files

SecuriteInfo.com.Heuristic.HEUR.AGEN.1302310.14380.28500.dll
.dll windows:5 windows x86 arch:x86

9187ea7233ce43df92f3905e97884ba6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CloseHandle
VirtualProtect
lstrcmpiW
GetVersionExW
GetModuleHandleW
GetProcAddress
LoadLibraryW
GetModuleFileNameW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedExchange
HeapCreate
HeapFree
GetCurrentProcess
InterlockedCompareExchange
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
Sleep
HeapReAlloc
HeapAlloc
HeapDestroy
GetThreadContext
GetCurrentProcessId
FlushInstructionCache
SetThreadContext
OpenThread
VirtualFree
VirtualAlloc
VirtualQuery
IsProcessorFeaturePresent

shell32

SHGetFolderPathA
SHGetFolderPathW

Exports

Exports

SHGetFolderPathA
SHGetFolderPathW

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9187ea7233ce43df92f3905e97884ba6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 480B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 480B