SmartScreenSettings[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

SmartScreenSettings.exe
Size

71KB
MD5

09a0ea8cae050ca74e1fb2e42ed93766
SHA1

331f8e8550067f7c70b075812776a3fc11d173d3
SHA256

62feacfbf734f036283a8d38c6b5e0ba30c859e7cde95033284014cb5ed76ed8
SHA512

fb4809eba87d7571f860192a46ae1b8828209ef6f24ca16bb70f1fc28173c4652fc5115b51c65f7533851eb8f12a7aa9147d7da5706d15540729c2062f0f4507
SSDEEP

768:TChXC2G784CutpELtlASG/qsg75lAeAS4AsNzmdUCDRkV/L7p:TCY2G789YSG/qZ751sNz0UCdkV/L7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SmartScreenSettings.exe

Files

SmartScreenSettings.exe
.exe windows x86

acb77b04c3025e988fc9f6a37621da34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

EventUnregister
EventWrite
RegGetValueW
EventSetInformation
EventWriteTransfer
EventRegister

kernel32

GetModuleHandleExW
GetModuleFileNameA
LoadLibraryExW
GetProcAddress
GetLastError
OutputDebugStringW
CloseHandle
ReleaseSemaphore
ReleaseMutex
WaitForSingleObjectEx
HeapFree
GetProcessHeap
HeapAlloc
WaitForSingleObject
OpenSemaphoreW
CompareStringOrdinal
GetCurrentProcessId
CreateSemaphoreExW
SetLastError
CreateMutexExW
FormatMessageW
GetCurrentThreadId

user32

SendMessageW

msvcrt

memcpy_s
_XcptFilter
__p__commode
_except_handler4_common
_controlfp
?terminate@@YAXXZ
_onexit
__dllonexit
_unlock
_lock
_vsnwprintf
_amsg_exit
_initterm
__setusermatherr
__p__fmode
__wgetmainargs
_exit
exit
__set_app_type
_wcmdln
_cexit
memset

shell32

ShellExecuteW

api-ms-win-core-com-l1-1-1

CoInitializeEx
CoUninitialize

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processthreads-l1-1-2

TerminateProcess
GetCurrentProcess
GetStartupInfoW

api-ms-win-core-errorhandling-l1-1-1

SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleA

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-2-1

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

comctl32

ord345

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

acb77b04c3025e988fc9f6a37621da34

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

msvcrt

shell32

api-ms-win-core-com-l1-1-1

api-ms-win-core-synch-l1-2-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-registry-l1-1-0

comctl32

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 53KB - Virtual size: 52KB

.reloc Size: 1024B - Virtual size: 848B

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 53KB - Virtual size: 52KB

.reloc
Size: 1024B - Virtual size: 848B