_shfoldr[.]dll | Triage

Submit
Reports

Overview

overview

1

Static

static

1

_shfoldr.dll

windows7-x64

1

_shfoldr.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

_shfoldr.dll

Resource

win7-20230220-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

_shfoldr.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

General

Target

_shfoldr.dll
Size

22KB
MD5

92dc6ef532fbb4a5c3201469a5b5eb63
SHA1

3e89ff837147c16b4e41c30d6c796374e0b8e62c
SHA256

9884e9d1b4f8a873ccbd81f8ad0ae257776d2348d027d811a56475e028360d87
SHA512

9908e573921d5dbc3454a1c0a6c969ab8a81cc2e8b5385391d46b1a738fb06a76aa3282e0e58d0d2ffa6f27c85668cd5178e1500b8a39b1bbae04366ae6a86d3
SSDEEP

384:+Vm08QoKkiWZ76UJuP71W55iWHHoSHigH2euwsHTGHVb+VHHmnH+aHjHqLHxmoq1:2m08QotiCjJuPGw4

Score

1^/10

Malware Config

Signatures

Files

_shfoldr.dll
.dll windows x86

95f81563369971605fb978131e2f7f51

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

EnumResourceLanguagesW
EnumResourceNamesW
lstrcatA
lstrcpyA
CompareStringW
CreateDirectoryA
CreateDirectoryW
GetLastError
FindResourceExW
GetSystemDefaultLangID
GetFileAttributesA
GetFileAttributesW
GetSystemDirectoryA
GetSystemDirectoryW
IsBadWritePtr
DisableThreadLibraryCalls
GlobalAlloc
GlobalFree
GetWindowsDirectoryW
LoadResource
LockResource
lstrlenA
GetWindowsDirectoryA
ExpandEnvironmentStringsW
GetVersionExA
lstrlenW
MultiByteToWideChar
GetProcAddress
LoadLibraryA
FreeLibrary
ExpandEnvironmentStringsA
WideCharToMultiByte
lstrcpynW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl
InitializeAcl
GetAce
SetFileSecurityW
AddAccessAllowedAce
RegSetValueExA
LookupAccountSidW
RegCreateKeyExA
RegOpenKeyA
RegSetValueExW
RegQueryValueExA
RegCloseKey
RegQueryValueExW

Exports

Exports

SHGetFolderPathA
SHGetFolderPathW

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy