UIAddinMgr[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

UIAddinMgr.dll
Size

144KB
MD5

530dd6688b4a220e451f5739af0ff7b4
SHA1

b992f5b8cb95e97b415b7449f60a0499abace030
SHA256

eec9c56da321274fe7f5f659061e58a9afca26d3b4367049ff77d2697ee12afb
SHA512

f8e0e7b867b0cb7d83709401f46cf6fec749ecad9248a7c2456affeb0b7ec9de6ebb8c87601b9eaa5d20dcc3d8e5be271402163192ade49ba93feb8a2b476c4a
SSDEEP

1536:Gc99765gf89g//m1OC+utX3djiypAUkQClU5grETrrNcVVlaUJY7s0zZtwluk6h:G6Fcz9rTcyWnlU58ETrraVGUJbh6h

Score

N/A

Malware Config

Signatures

Files

UIAddinMgr.dll
.dll regsvr32 windows x86

2c63b83363cfb814793f4094bc92e969

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetTickCount
RaiseException
LocalFree
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
ExitProcess
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExA
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
DisableThreadLibraryCalls
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP

advapi32

RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegCloseKey

ole32

CoTaskMemFree
StringFromCLSID
CoCreateInstance
CLSIDFromString
StringFromGUID2

oleaut32

SafeArrayCopy
SysAllocStringLen
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayGetUBound
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnlock
SafeArrayLock
VariantClear
VariantInit
SysStringByteLen
SysAllocStringByteLen
RegisterTypeLi
SysAllocString
SysFreeString

atl71

ord30
ord32
ord18
ord22
ord64
ord55
ord49
ord23
ord61
ord15
ord56

msvcp71

?_Nomemory@std@@YAXXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z

msvcr71

_except_handler3
__CppXcptFilter
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
__security_error_handler
_callnewh
malloc
memset
wcslen
memmove
wcsstr
wcscmp
wcscat
_purecall
wcsrchr
wcscpy
swprintf
free
??_V@YAXPAX@Z
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??3@YAXPAX@Z
__CxxFrameHandler
??0exception@@QAE@XZ
??1exception@@UAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c63b83363cfb814793f4094bc92e969

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

atl71

msvcp71

msvcr71

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 792B

.rsrc Size: 44KB - Virtual size: 40KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 792B

.rsrc
Size: 44KB - Virtual size: 40KB

.reloc
Size: 8KB - Virtual size: 7KB