SettingsTree[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SettingsTree.dll
Size

136KB
MD5

cf55500e9852c83933c78eb9fdc2ba39
SHA1

efbfc5f84aed713d74853b2415c1dbd0571ea88c
SHA256

26cce9ad4a8a2b44eb2a8a9c314accd3a67151ab1a7f9293e0a4f1d116293bcc
SHA512

ac34928dcb7b66dc279c8b3e7f646bb58629ca1e0b5d767893eca1bbaa43c22d7b6188953e97a40cfc4871b24445a2f6ec93b4cfe0c5ab90984acb3a1b7958bf
SSDEEP

3072:YkYDm7ersj7RiIR10GODhqourhPaMt4m9sRzu+jrAk/WRpM:esHySrsY4m9shu+jr7uLM

Score

N/A

Malware Config

Signatures

Files

SettingsTree.dll
.dll regsvr32 windows x86

970b4f08779fb41a0cc09e960685e189

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc71u

ord4480
ord3322
ord754
ord3985
ord2872
ord2870
ord2364
ord5829
ord577
ord1472
ord283
ord1058
ord258
ord870
ord2311
ord293
ord261
ord280
ord4320
ord2009
ord1007
ord5096
ord566
ord5398
ord2460
ord776
ord2895
ord1110
ord4100
ord2260
ord774
ord6094
ord2856
ord766
ord6063
ord3017
ord2261
ord866
ord5231
ord5229
ord2384
ord2394
ord2392
ord2390
ord2386
ord2409
ord2397
ord1647
ord1646
ord1590
ord5196
ord1955
ord5171
ord1353
ord765
ord315
ord1033
ord1197
ord1199
ord1093
ord371
ord1115
ord1192
ord1168
ord1170
ord1200
ord1087
ord1162
ord581
ord4961
ord3339
ord6275
ord3796
ord6273
ord1513
ord2163
ord2169
ord2399
ord2381
ord2379
ord2402
ord2407
ord2388
ord2404
ord931
ord927
ord929
ord925
ord920
ord5956
ord1591
ord4276
ord4716
ord3397
ord5210
ord4179
ord6271
ord5067
ord1899
ord5148
ord4238
ord1393
ord3940
ord1608
ord1611
ord5911
ord1589
ord1645
ord3674
ord427
ord572
ord3793
ord1281
ord4119
ord2366
ord1064
ord2861
ord1970
ord664
ord760
ord1908
ord1043
ord2239
ord3824
ord757
ord3327
ord4255
ord4475
ord3943
ord2638
ord3703
ord3713
ord3712
ord2527
ord2640
ord2534
ord2832
ord1182
ord2708
ord4301
ord2829
ord2725
ord2531
ord5562
ord5209
ord5226
ord4562
ord3942
ord5222
ord5220
ord2925
ord1911
ord3826
ord5378
ord6215
ord3800
ord5579
ord2054
ord6274
ord3795
ord6272
ord4008
ord4032
ord1079
ord3677
ord1000
ord762
ord314
ord416
ord1555
ord651
ord531
ord723
ord6282
ord5316
ord6293
ord5327
ord764
ord3249
ord1271
ord3155
ord1925
ord3204
ord1176
ord266
ord265
ord1571
ord2340
ord1178
ord3927

msvcr71

malloc
realloc
wcscat
_resetstkoflw
??1exception@@UAE@XZ
??0exception@@QAE@XZ
_wtoi
memmove
wcslen
free
__CxxFrameHandler
_purecall
_wtol
_except_handler3
swprintf
wcscpy
wcsrchr
??0exception@@QAE@ABV0@@Z
_CxxThrowException
memset
__security_error_handler
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CppXcptFilter
_vscwprintf
iswdigit
vswprintf
iswspace
wcsstr
wcschr
wcsncpy

kernel32

GetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
GetCurrentProcess
FlushInstructionCache
lstrlenA
MultiByteToWideChar
SetLastError
InterlockedDecrement
InterlockedIncrement
lstrlenW
Sleep
GetProcessHeap
HeapFree
GetModuleFileNameW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
lstrcpynW
MulDiv
FreeLibrary
LoadLibraryW
RaiseException
GetProcAddress
LoadLibraryA
GetCurrentThreadId
GetTickCount
LocalFree
LocalAlloc
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
OutputDebugStringW
GetVersionExA
HeapDestroy
HeapReAlloc
HeapSize

user32

DestroyWindow
DrawTextW
GetSysColor
SetWindowLongW
SystemParametersInfoW
SendDlgItemMessageW
IsChild
SetPropW
GetParent
GetFocus
SetFocus
GetWindow
IsWindow
GetKeyState
GetDlgItem
ShowWindow
EnumChildWindows
SetWindowPos
SetWindowContextHelpId
MapDialogRect
CreateWindowExW
PtInRect
UnionRect
SetWindowRgn
OffsetRect
EqualRect
IntersectRect
IsDialogMessageW
CopyAcceleratorTableW
GetNextDlgTabItem
SendMessageW
InvalidateRect
ScreenToClient
RedrawWindow
GetDialogBaseUnits
ReleaseDC
GetDC
MoveWindow
CallWindowProcW
MapVirtualKeyW
GetPropW
GetClassNameW
GetWindowLongW
MessageBoxW
EnableWindow
GetCursorPos
RemovePropW
LoadBitmapW

gdi32

CreateFontIndirectW
GetTextMetricsW
GetTextExtentPointW
CreateMetaFileW
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
CreateSolidBrush
GetObjectW
SetBkColor
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
DeleteObject
GetStockObject
SelectObject
Rectangle
SetTextColor
SetBkMode
GetDeviceCaps

advapi32

RegQueryValueExA
RegCloseKey
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegOpenKeyExW
RegOpenKeyExA

comctl32

ImageList_AddMasked

ole32

CreateOleAdviseHolder
CreateDataAdviseHolder
CoTaskMemAlloc
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CreateStreamOnHGlobal
CoCreateInstance
StringFromCLSID
CoTaskMemFree

oleaut32

SafeArrayCopy
SafeArrayLock
SafeArrayRedim
SafeArrayGetElement
SafeArrayPutElement
SafeArrayAllocData
SafeArrayAllocDescriptor
SysReAllocStringLen
OleCreatePropertyFrame
SysAllocStringLen
OleTranslateColor
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SafeArrayUnlock
SysAllocString
VariantChangeType
VariantCopy
VariantClear
VarCmp
VariantInit
SysStringByteLen
SysAllocStringByteLen
SysFreeString
SysStringLen
VarBstrCmp

atl71

ord54
ord10
ord37
ord43
ord44
ord42
ord48
ord60
ord11
ord50
ord51
ord58
ord31
ord28
ord56
ord49
ord55
ord64
ord47
ord27
ord26
ord32
ord15
ord61
ord30
ord22
ord18
ord66
ord65
ord23

msvcp71

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

970b4f08779fb41a0cc09e960685e189

Headers

File Characteristics

Imports

mfc71u

msvcr71

kernel32

user32

gdi32

advapi32

comctl32

ole32

oleaut32

atl71

msvcp71

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 12KB - Virtual size: 10KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 12KB - Virtual size: 10KB