UWP_Executor[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

UWP_Executor.dll
Size

525KB
MD5

715dc1dbf561a5eb3ca4010cf89bf4aa
SHA1

0997272617e63ef0e81ea8a3200383d426b15c71
SHA256

3e637c605873fb03aeea2b0e869d1b0350b5ca976fe7369613c96b4263ffddd9
SHA512

10a3f2d35db00808bec585ccee35d5ac88fb0e06bced2917bd542d4fd81252f2d37a4232afe0c0226a90cb579833f3684b9fe2b294942a25aac5e883aab2a280
SSDEEP

12288:c0Xf+TQj1dUyp8SucYxl2RAqxZw+xyBFwkV9bQoMbuBp9LAwoPs9cNzJ+t:DXf+TQj1dUyp8SucYxlPyxWwy9koT0o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
UWP_Executor.dll

Files

UWP_Executor.dll
.dll windows:6 windows x86

de48f92eff23e4033543ea6f8f831550

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
DisableThreadLibraryCalls
EnterCriticalSection
WakeAllConditionVariable
LeaveCriticalSection
DeleteCriticalSection
WaitForSingleObject
GetLastError
CloseHandle
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentThreadId

msvcp140

_Thrd_detach
?_Xlength_error@std@@YAXPBD@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit

vcruntime140

_except_handler4_common
__std_type_info_destroy_list
__CxxFrameHandler3
__std_exception_destroy
__std_exception_copy
_purecall
__std_terminate
_CxxThrowException
memchr
memcpy
memmove
memset

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_invalid_parameter_noinfo
_errno
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_beginthreadex
terminate

api-ms-win-crt-string-l1-1-0

strcpy_s
strnlen

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-math-l1-1-0

_CIfmod
_CIcosh
_CIatan2
_libm_sse2_exp_precise
_CIsinh
_CItanh
ldexp
_libm_sse2_log10_precise
_libm_sse2_acos_precise
_libm_sse2_log_precise
round
_libm_sse2_asin_precise
log2
_libm_sse2_cos_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
_libm_sse2_tan_precise
ceil
floor
_libm_sse2_atan_precise
_dsign

api-ms-win-crt-convert-l1-1-0

atoi
strtod
strtoull

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

Sections

.text
Size: 452KB - Virtual size: 452KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de48f92eff23e4033543ea6f8f831550

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcp140

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

Sections

.text Size: 452KB - Virtual size: 452KB

.rdata Size: 57KB - Virtual size: 56KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 452KB - Virtual size: 452KB

.rdata
Size: 57KB - Virtual size: 56KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 11KB - Virtual size: 10KB