SecuriteInfo[.]com[.]Win32[.]Malware-gen[.]22245[.]22356[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SecuriteInfo.com.Win32.Malware-gen.22245.22356.dll
Size

7.4MB
MD5

3f9c222b7d0e3b21be436fe950a1c137
SHA1

264ac5668d21fd84d263879a2a45490bbd02ad53
SHA256

e58c3f7894ac87262815466b5d9ae1cc59faffe272b4586124cb80ff3a3b22ac
SHA512

cf6911bf047566ea2f3a379cc04d1889391a244f3b3ecbe07a1379ad379331e67731d77caa6e28451fad04b585a53910ecc83b780f92658494ca083213c7e65b
SSDEEP

49152:MWi77JQ5SNqlKCON4kUOSAGo0PkqkH0ZdVaMvZo6BQMr9TAC/gG2jA7570Q6U5c7:MmScKVQoTIZdDZo6BQMrVACKjAStHO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SecuriteInfo.com.Win32.Malware-gen.22245.22356.dll

Files

SecuriteInfo.com.Win32.Malware-gen.22245.22356.dll
.dll windows:6 windows x86 arch:x86

019f2c86ec0ee8416f2ab34dc3f12f92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Z:\proxy\target\release\deps\proxy.pdb

Imports

kernel32

WaitForMultipleObjectsEx
GlobalLock
GlobalSize
GlobalAlloc
SetThreadPriority
GlobalFree
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
CreateEventA
SleepConditionVariableSRW
HeapAlloc
GetModuleFileNameW
LoadLibraryExA
GetProcAddress
AllocConsole
GetVolumeInformationA
TlsGetValue
GlobalUnlock
InitializeSListHead
GetProcessHeap
CreateFileW
WaitNamedPipeW
ReadFile
WriteFile
FlushFileBuffers
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetModuleHandleA
CreateToolhelp32Snapshot
Module32First
Module32Next
IsDebuggerPresent
lstrlenW
UnhandledExceptionFilter
AcquireSRWLockShared
TlsSetValue
Sleep
GetLastError
SetUnhandledExceptionFilter
SetEvent
LoadLibraryExW
GetCurrentProcess
GetCurrentProcessId
ReleaseSRWLockShared
TryAcquireSRWLockExclusive
CloseHandle
GetTimeZoneInformationForYear
FormatMessageW
PeekNamedPipe
ReleaseSRWLockExclusive
HeapFree
WaitForSingleObject
GetTempPathW
SetHandleInformation
GetSystemTimeAsFileTime
QueryPerformanceFrequency
TlsFree
InitOnceComplete
TlsAlloc
InitOnceBeginInitialize
CreateThread
WriteConsoleW
GetFullPathNameW
ExitProcess
CreateIoCompletionPort
GetQueuedCompletionStatusEx
GetModuleHandleW
PostQueuedCompletionStatus
GetConsoleMode
SetFileCompletionNotificationModes
GetNativeSystemInfo
VirtualQuery
VirtualAlloc
VirtualFree
VirtualProtect
GetSystemInfo
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
CopyFileExW
SetThreadStackGuarantee
SwitchToThread
CreateWaitableTimerExW
SetWaitableTimer
GetCurrentThread
RtlCaptureContext
ReleaseMutex
SetLastError
GetCurrentDirectoryW
GetEnvironmentVariableW
AcquireSRWLockExclusive
GetFinalPathNameByHandleW
GetCommandLineW
SetFilePointerEx
TerminateProcess
WakeAllConditionVariable
WakeConditionVariable
QueryPerformanceCounter
HeapReAlloc
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
FindNextFileW
FindClose
GetFileInformationByHandle
GetFileInformationByHandleEx
CreateDirectoryW
FindFirstFileW
DeleteFileW
MoveFileExW
IsProcessorFeaturePresent

ws2_32

connect
ioctlsocket
bind
closesocket
getsockname
getpeername
getsockopt
recv
WSASocketW
send
WSASend
setsockopt
WSAIoctl
WSAGetLastError
socket
WSAStartup
WSACleanup
freeaddrinfo
getaddrinfo

user32

MessageBoxW
CloseClipboard
GetWindowThreadProcessId
FlashWindowEx
EmptyClipboard
SetClipboardData
GetClipboardData
FindWindowExW
GetForegroundWindow
OpenClipboard
GetWindowLongW

shell32

SHGetKnownFolderPath

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
CoInitializeEx

crypt32

CryptUnprotectData
CryptProtectData

dbghelp

ImageNtHeader

oleaut32

SysFreeString
GetErrorInfo
SysStringLen

iphlpapi

GetAdaptersAddresses

bcrypt

BCryptGenRandom

advapi32

RegGetValueA
SystemFunction036
RegCreateKeyExA
RegDeleteKeyExA
RegCloseKey
RegSetValueExA
RegOpenKeyExA

ntdll

NtCreateFile
NtCancelIoFileEx
RtlNtStatusToDosError
NtReadFile
NtWriteFile
NtDeviceIoControlFile

vcruntime140

__std_type_info_destroy_list
_CxxThrowException
memset
memcpy
__CxxFrameHandler3
memmove
_except_handler4_common
memcmp

api-ms-win-crt-string-l1-1-0

strlen

api-ms-win-crt-math-l1-1-0

atan
exp
exp2f
pow
exp2
roundf
ceil
floor
cos
sin

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
strerror

api-ms-win-crt-stdio-l1-1-0

fgetc
__acrt_iob_func

api-ms-win-crt-heap-l1-1-0

free

Exports

Exports

DllMain
pcre_ca_export_2
pcre_compile
pcre_compile2_export_4
pcre_compile2_export_5
pcre_compile2_export_6
pcre_compile2_export_7
pcre_compile2_export_8
pcre_exec
pcre_free

Sections

.text
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vftcrs
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vft_rs
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

019f2c86ec0ee8416f2ab34dc3f12f92

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ws2_32

user32

shell32

ole32

crypt32

dbghelp

oleaut32

iphlpapi

bcrypt

advapi32

ntdll

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 5.7MB - Virtual size: 5.7MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 82KB - Virtual size: 122KB

.vftcrs Size: 1024B - Virtual size: 528B

.vft_rs Size: 2KB - Virtual size: 2KB

.reloc Size: 231KB - Virtual size: 230KB

.text
Size: 5.7MB - Virtual size: 5.7MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 82KB - Virtual size: 122KB

.vftcrs
Size: 1024B - Virtual size: 528B

.vft_rs
Size: 2KB - Virtual size: 2KB

.reloc
Size: 231KB - Virtual size: 230KB