LicenseManagerShellext[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

LicenseManagerShellext.exe
Size

22KB
MD5

31d22cc6394d516e852552c7f6c62056
SHA1

b39c3c69d65f8fde72edec982c93733b87702556
SHA256

0bdf58e65e0f537b322798e2b10c5fadb1175c1ec383401d7700d509b7c102fd
SHA512

2ce18946a7c1d45ed554a6b38567e2295447c7d9f1740e7f226859ed2da851d3b1199195c1b2f8474a52e1072195e9f7c7eddc74054e0595fbe46a4569c5a9c8
SSDEEP

384:gAkcuponyL5Zhul0988XUAMwkEkUQ2C/XL//0d6UgbbfWW9qWwli:gnOnG5Zh/T62C/z/dUgv9n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
LicenseManagerShellext.exe

Files

LicenseManagerShellext.exe
.exe windows:10 windows x86

ab8da9be75486ba12f5249e94cfe8806

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

exit
__wgetmainargs
_exit
_cexit
_amsg_exit
__p__commode
??3@YAXPAX@Z
_XcptFilter
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@ABQBDH@Z
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
__p__fmode
__setusermatherr
_initterm
_wcmdln
__CxxFrameHandler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_controlfp
_except_handler4_common
?what@exception@@UBEPBDXZ
_purecall
__set_app_type
malloc
_callnewh
_CxxThrowException

api-ms-win-core-processenvironment-l1-2-0

GetCommandLineW

api-ms-win-core-com-l1-1-1

CoWaitForMultipleHandles
CoCreateInstance
CoCreateFreeThreadedMarshaler

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoUninitialize
RoInitialize

api-ms-win-core-file-l1-2-1

CreateFileW
GetFileSize

api-ms-win-core-memory-l1-1-2

UnmapViewOfFile
MapViewOfFile
CreateFileMappingW

api-ms-win-core-synch-l1-2-0

CreateEventW
SetEvent
Sleep

api-ms-win-core-errorhandling-l1-1-1

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
RaiseException

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l1-2-0

HeapSetInformation

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleA
LoadStringW

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-processthreads-l1-1-2

TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
GetCurrentProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-2-1

GetSystemTimeAsFileTime
GetTickCount

ext-ms-win-rtcore-ntuser-window-ext-l1-1-0

RegisterClassW
GetDesktopWindow
DefWindowProcW
CreateWindowExW
GetWindowRect
DestroyWindow
SetForegroundWindow

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-downlevel-shell32-l1-1-0

CommandLineToArgvW

msvcp110_win

?_Xbad_alloc@std@@YAXXZ

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab8da9be75486ba12f5249e94cfe8806

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

api-ms-win-core-processenvironment-l1-2-0

api-ms-win-core-com-l1-1-1

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-file-l1-2-1

api-ms-win-core-memory-l1-1-2

api-ms-win-core-synch-l1-2-0

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-handle-l1-1-0

api-ms-win-core-heap-l1-2-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-2-1

ext-ms-win-rtcore-ntuser-window-ext-l1-1-0

api-ms-win-core-apiquery-l1-1-0

api-ms-win-downlevel-shell32-l1-1-0

msvcp110_win

Sections

.text Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 1KB - Virtual size: 1KB