wuser32.pdb
Static task: static1
Behavioral task: behavioral1
Sample: e0b7e6e6ab305fc27a4ad3b64c67187c69df7adad99311f249c73c3349cf92c5.dll
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: e0b7e6e6ab305fc27a4ad3b64c67187c69df7adad99311f249c73c3349cf92c5.dll
Resource: win10v2004-20240226-en
General
Target: e0b7e6e6ab305fc27a4ad3b64c67187c69df7adad99311f249c73c3349cf92c5.dll
Size: 1.7MB
MD5: bd3ba7c4d050f0d9df3406b494c9b2f7
SHA1: 3ec2185e1432be59d91d851942401d64f7aeb7b8
SHA256: e0b7e6e6ab305fc27a4ad3b64c67187c69df7adad99311f249c73c3349cf92c5
SHA512: d84f34baa8178a2269eb7a104e43eeb8e63ecd7e3c54b795d538e128bc9a1c847cc94ae2675c5a3d5b78d1a242d6721a307570903068c95e43fab6d363c23c84
SSDEEP: 49152:qSRWYL/eXV1i/kmeE91qj4iZ6YaycLzTF:xRWYL/eXV1i/kmeM1qj4iwiAp
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource e0b7e6e6ab305fc27a4ad3b64c67187c69df7adad99311f249c73c3349cf92c5.dll
Files
e0b7e6e6ab305fc27a4ad3b64c67187c69df7adad99311f249c73c3349cf92c5.dll.dll windows:6 windows x86 arch:x86
a5ee92095edb5993095c9c7315eaded3
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics: IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE, IMAGE_FILE_DLL
PDB Paths
Imports
ntdll
NtOpenKey
wcscat_s
wcscpy_s
NtEnumerateKey
RtlOpenCurrentUser
RtlFreeHeap
RtlAllocateHeap
memcpy
memset
RtlEnterCriticalSection
RtlLeaveCriticalSection
RtlUnicodeToMultiByteN
RtlMultiByteToUnicodeN
RtlReleaseActivationContext
RtlFindActivationContextSectionString
RtlDeactivateActivationContextUnsafeFast
RtlActivateActivationContextUnsafeFast
wcstol
NtQueryInformationProcess
NtQuerySecurityObject
NtSetSecurityObject
RtlFreeUnicodeString
RtlAnsiStringToUnicodeString
RtlInitAnsiString
RtlCreateUnicodeStringFromAsciiz
RtlQueryInformationActiveActivationContext
_vsnwprintf
NtVdmControl
wcstoul
NtOpenDirectoryObject
NtDeleteValueKey
NtSetValueKey
NtCreateKey
NtYieldExecution
RtlIsThreadWithinLoaderCallout
_wcsicmp
_stricmp
RtlGetIntegerAtom
NtProtectVirtualMemory
RtlRetrieveNtUserPfn
RtlInitializeNtUserPfn
RtlDeleteCriticalSection
NtQuerySystemInformation
RtlInitializeCriticalSection
_allshr
RtlUnicodeToMultiByteSize
_allmul
NtCallbackReturn
_chkstk
memmove
NtQueryInformationToken
NtOpenProcessToken
NtOpenThreadToken
RtlNtStatusToDosError
CsrClientCallServer
CsrFreeCaptureBuffer
CsrCaptureMessageBuffer
CsrAllocateCaptureBuffer
RtlFreeSid
RtlAllocateAndInitializeSid
CsrAllocateMessagePointer
RtlReAllocateHeap
RtlRunDecodeUnicodeString
RtlRunEncodeUnicodeString
RtlGetThreadLangIdByIndex
RtlSizeHeap
strcpy_s
sscanf_s
strrchr
RtlIsNameLegalDOS8Dot3
wcsncat_s
NtRaiseHardError
RtlMultiByteToUnicodeSize
RtlCheckRegistryKey
LdrFlushAlternateResourceModules
qsort
iswspace
wcsncpy_s
wcsrchr
_alldiv
_wtoi
_aulldvrm
NlsAnsiCodePage
RtlImageNtHeader
RtlSetLastWin32Error
RtlUnwind
NtClose
NtQueryValueKey
swprintf_s
RtlInitUnicodeString
RtlUnicodeStringToInteger
gdi32
GetClipRgn
ExtSelectClipRgn
GetHFONT
GetMapMode
SetGraphicsMode
GetClipBox
CreateRectRgn
CreateRectRgnIndirect
SetLayout
GetBoundsRect
ExcludeClipRect
PlayEnhMetaFile
Ellipse
CreateEllipticRgn
GdiFixUpHandle
CreatePen
Rectangle
GetTextCharacterExtra
SetTextCharacterExtra
GetCurrentObject
GetViewportOrgEx
SetViewportOrgEx
PolyPatBlt
CreateBrushIndirect
SetBoundsRect
CopyEnhMetaFileW
CopyMetaFileW
GetPaletteEntries
CreatePalette
SetPaletteEntries
GetPixel
ExtTextOutA
GetTextCharsetInfo
QueryFontAssocStatus
GetCharWidthInfo
GetCharWidthA
GetTextFaceW
GetCharABCWidthsA
GetCharABCWidthsW
SetBrushOrgEx
CreateFontIndirectW
EnumFontsW
GetTextFaceAliasW
GetTextMetricsW
GetTextColor
GdiGetCodePage
GetTextCharset
GetBkMode
GetViewportExtEx
GetWindowExtEx
GdiGetCharDimensions
GdiPrinterThunk
GdiLoadType1Fonts
GdiAddFontResourceW
TranslateCharsetInfo
SaveDC
OffsetWindowOrgEx
RestoreDC
ExtTextOutW
GetDIBits
CreateDIBSection
SetStretchBltMode
SelectPalette
RealizePalette
SetDIBits
CreateDCW
CreateDIBitmap
CreateCompatibleBitmap
SetBitmapBits
DeleteDC
GdiValidateHandle
GdiDllInitialize
GdiProcessSetup
GetStockObject
CreateSolidBrush
CreateCompatibleDC
GdiConvertBitmapV5
GdiCreateLocalEnhMetaFile
GdiCreateLocalMetaFilePict
GetRgnBox
CombineRgn
OffsetRgn
MirrorRgn
EnableEUDC
GdiConvertToDevmodeW
GetTextExtentPointA
GetTextExtentPointW
CreateBitmap
SetTextAlign
GetTextAlign
IntersectClipRect
SelectObject
SetBkMode
GetBkColor
GetObjectW
SetTextColor
SetBkColor
GetLayout
StretchDIBits
GetDeviceCaps
GetDIBColorTable
GdiGetBitmapBitsSize
DeleteObject
DeleteMetaFile
DeleteEnhMetaFile
GdiConvertMetaFilePict
GdiConvertEnhMetaFile
GdiReleaseDC
StretchBlt
GetObjectType
GdiConvertAndCheckDC
SetRectRgn
BitBlt
TextOutW
TextOutA
PatBlt
SetLayoutWidth
kernel32
GetLocaleInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
LoadLibraryExA
InterlockedCompareExchange
DelayLoadFailureHook
GlobalAddAtomA
GetModuleHandleA
GetModuleFileNameA
GlobalFindAtomA
lstrlenA
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
LCMapStringW
CreateFileMappingW
MapViewOfFile
GetFileSize
UnmapViewOfFile
WerpNotifyLoadStringResource
GetSystemDefaultLangID
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
GetVersionExW
IsDBCSLeadByte
WerpNotifyUseStringResource
GetCurrentProcessId
ProcessIdToSessionId
MulDiv
GetThreadLocale
FindFirstFileW
FindNextFileW
FindClose
GetLogicalDrives
lstrlenW
SetCurrentDirectoryW
GetCurrentDirectoryW
ConvertDefaultLocale
IsValidLocale
GetAtomNameW
GetAtomNameA
AddAtomW
AddAtomA
GetSystemWindowsDirectoryW
CreateProcessW
EnumResourceNamesExW
SetFileTime
ReadFile
CloseHandle
FindResourceW
CompareStringW
GetCPInfo
GetStringTypeA
GetStringTypeW
Sleep
FoldStringW
GlobalHandle
CreateThread
GetExitCodeThread
ExitThread
GetCurrentThread
GetCurrentProcess
GlobalAddAtomW
LoadLibraryExW
ExpandEnvironmentStringsW
SearchPathW
GetSystemDirectoryW
IsDBCSLeadByteEx
DisableThreadLibraryCalls
FindResourceExA
FindResourceExW
LoadStringBaseExW
LoadResource
SizeofResource
RegisterWaitForInputIdle
QueryActCtxSettingsW
GetModuleHandleW
GetCurrentThreadId
LoadAppInitDlls
LocalSize
LocalUnlock
LocalLock
LocalReAlloc
GetACP
InterlockedIncrement
GetPrivateProfileStringW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyExW
GetUserDefaultLCID
GlobalUnlock
GlobalLock
GlobalSize
LocalFree
GlobalDeleteAtom
LocalAlloc
DeleteAtom
FreeLibrary
GetProcAddress
LoadLibraryW
InterlockedExchange
GlobalGetAtomNameA
GlobalGetAtomNameW
GetModuleFileNameW
GlobalFree
InterlockedDecrement
GlobalFlags
WideCharToMultiByte
GetLastError
GetOEMCP
GlobalReAlloc
MultiByteToWideChar
GlobalAlloc
WaitForMultipleObjectsEx
SetEvent
CreateFileW
lstrcmpiW
WritePrivateProfileStringW
GlobalFindAtomW
SetLastError
advapi32
CheckTokenMembership
Exports
ActivateKeyboardLayout
AddClipboardFormatListener
AdjustWindowRect
AdjustWindowRectEx
AlignRects
AllowForegroundActivation
AllowSetForegroundWindow
AnimateWindow
AnyPopup
AppendMenuA
AppendMenuW
ArrangeIconicWindows
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BlockInput
BringWindowToTop
BroadcastSystemMessage
BroadcastSystemMessageA
BroadcastSystemMessageExA
BroadcastSystemMessageExW
BroadcastSystemMessageW
BuildReasonArray
CalcMenuBar
CalculatePopupWindowPosition
CallMsgFilter
CallMsgFilterA
CallMsgFilterW
CallNextHookEx
CallWindowProcA
CallWindowProcW
CancelShutdown
CascadeChildWindows
CascadeWindows
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuA
ChangeMenuW
ChangeWindowMessageFilter
ChangeWindowMessageFilterEx
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckDesktopByThreadId
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckRadioButton
CheckWindowThreadDesktop
ChildWindowFromPoint
ChildWindowFromPointEx
CliImmSetHotKey
ClientThreadSetup
ClientToScreen
ClipCursor
CloseClipboard
CloseDesktop
CloseGestureInfoHandle
CloseTouchInputHandle
CloseWindow
CloseWindowStation
ConsoleControl
ControlMagnification
CopyAcceleratorTableA
CopyAcceleratorTableW
CopyIcon
CopyImage
CopyRect
CountClipboardFormats
CreateAcceleratorTableA
CreateAcceleratorTableW
CreateCaret
CreateCursor
CreateDesktopA
CreateDesktopExA
CreateDesktopExW
CreateDesktopW
CreateDialogIndirectParamA
CreateDialogIndirectParamAorW
CreateDialogIndirectParamW
CreateDialogParamA
CreateDialogParamW
CreateIcon
CreateIconFromResource
CreateIconFromResourceEx
CreateIconIndirect
CreateMDIWindowA
CreateMDIWindowW
CreateMenu
CreatePopupMenu
CreateSystemThreads
CreateWindowExA
CreateWindowExW
CreateWindowStationA
CreateWindowStationW
CsrBroadcastSystemMessageExW
CtxInitUser32
DdeAbandonTransaction
DdeAccessData
DdeAddData
DdeClientTransaction
DdeCmpStringHandles
DdeConnect
DdeConnectList
DdeCreateDataHandle
DdeCreateStringHandleA
DdeCreateStringHandleW
DdeDisconnect
DdeDisconnectList
DdeEnableCallback
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeGetQualityOfService
DdeImpersonateClient
DdeInitializeA
DdeInitializeW
DdeKeepStringHandle
DdeNameService
DdePostAdvise
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringA
DdeQueryStringW
DdeReconnect
DdeSetQualityOfService
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefDlgProcA
DefDlgProcW
DefFrameProcA
DefFrameProcW
DefMDIChildProcA
DefMDIChildProcW
DefRawInputProc
DefWindowProcA
DefWindowProcW
DeferWindowPos
DeleteMenu
DeregisterShellHookWindow
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyReasons
DestroyWindow
DeviceEventWorker
DialogBoxIndirectParamA
DialogBoxIndirectParamAorW
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DisableProcessWindowsGhosting
DispatchMessageA
DispatchMessageW
DisplayConfigGetDeviceInfo
DisplayConfigSetDeviceInfo
DisplayExitWindowsWarnings
DlgDirListA
DlgDirListComboBoxA
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectComboBoxExA
DlgDirSelectComboBoxExW
DlgDirSelectExA
DlgDirSelectExW
DoSoundConnect
DoSoundDisconnect
DragDetect
DragObject
DrawAnimatedRects
DrawCaption
DrawCaptionTempA
DrawCaptionTempW
DrawEdge
DrawFocusRect
DrawFrame
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawMenuBarTemp
DrawStateA
DrawStateW
DrawTextA
DrawTextExA
DrawTextExW
DrawTextW
DwmGetDxSharedSurface
DwmStartRedirection
DwmStopRedirection
EditWndProc
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndMenu
EndPaint
EndTask
EnterReaderModeHelper
EnumChildWindows
EnumClipboardFormats
EnumDesktopWindows
EnumDesktopsA
EnumDesktopsW
EnumDisplayDevicesA
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsA
EnumDisplaySettingsExA
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumPropsA
EnumPropsExA
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsA
EnumWindowStationsW
EnumWindows
EqualRect
ExcludeUpdateRgn
ExitWindowsEx
FillRect
FindWindowA
FindWindowExA
FindWindowExW
FindWindowW
FlashWindow
FlashWindowEx
FrameRect
FreeDDElParam
FrostCrashedWindow
GetActiveWindow
GetAltTabInfo
GetAltTabInfoA
GetAltTabInfoW
GetAncestor
GetAppCompatFlags
GetAppCompatFlags2
GetAsyncKeyState
GetCapture
GetCaretBlinkTime
GetCaretPos
GetClassInfoA
GetClassInfoExA
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClassLongW
GetClassNameA
GetClassNameW
GetClassWord
GetClientRect
GetClipCursor
GetClipboardData
GetClipboardFormatNameA
GetClipboardFormatNameW
GetClipboardOwner
GetClipboardSequenceNumber
GetClipboardViewer
GetComboBoxInfo
GetCursor
GetCursorFrameInfo
GetCursorInfo
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDisplayConfigBufferSizes
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetGUIThreadInfo
GetGestureConfig
GetGestureExtraArgs
GetGestureInfo
GetGuiResources
GetIconInfo
GetIconInfoExA
GetIconInfoExW
GetInputDesktop
GetInputLocaleInfo
GetInputState
GetInternalWindowPos
GetKBCodePage
GetKeyNameTextA
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetLastInputInfo
GetLayeredWindowAttributes
GetListBoxInfo
GetMagnificationDesktopColorEffect
GetMagnificationDesktopMagnification
GetMagnificationLensCtxInformation
GetMenu
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuInfo
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringA
GetMenuStringW
GetMessageA
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoA
GetMonitorInfoW
GetMouseMovePointsEx
GetNextDlgGroupItem
GetNextDlgTabItem
GetOpenClipboardWindow
GetParent
GetPhysicalCursorPos
GetPriorityClipboardFormat
GetProcessDefaultLayout
GetProcessWindowStation
GetProgmanWindow
GetPropA
GetPropW
GetQueueStatus
GetRawInputBuffer
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetReasonTitleFromReasonCode
GetRegisteredRawInputDevices
GetScrollBarInfo
GetScrollInfo
GetScrollPos
GetScrollRange
GetSendMessageReceiver
GetShellWindow
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetTabbedTextExtentA
GetTabbedTextExtentW
GetTaskmanWindow
GetThreadDesktop
GetTitleBarInfo
GetTopLevelWindow
GetTopWindow
GetTouchInputInfo
GetUpdateRect
GetUpdateRgn
GetUpdatedClipboardFormats
GetUserObjectInformationA
GetUserObjectInformationW
GetUserObjectSecurity
GetWinStationInfo
GetWindow
GetWindowCompositionAttribute
GetWindowCompositionInfo
GetWindowContextHelpId
GetWindowDC
GetWindowDisplayAffinity
GetWindowInfo
GetWindowLongA
GetWindowLongW
GetWindowMinimizeRect
GetWindowModuleFileName
GetWindowModuleFileNameA
GetWindowModuleFileNameW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowRgnBox
GetWindowRgnEx
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GetWindowWord
GhostWindowFromHungWindow
GrayStringA
GrayStringW
HideCaret
HiliteMenuItem
HungWindowFromGhostWindow
IMPGetIMEA
IMPGetIMEW
IMPQueryIMEA
IMPQueryIMEW
IMPSetIMEA
IMPSetIMEW
ImpersonateDdeClientWindow
InSendMessage
InSendMessageEx
InflateRect
InitializeLpkHooks
InsertMenuA
InsertMenuItemA
InsertMenuItemW
InsertMenuW
InternalGetWindowIcon
InternalGetWindowText
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsCharAlphaA
IsCharAlphaNumericA
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerA
IsCharLowerW
IsCharUpperA
IsCharUpperW
IsChild
IsClipboardFormatAvailable
IsDialogMessage
IsDialogMessageA
IsDialogMessageW
IsDlgButtonChecked
IsGUIThread
IsHungAppWindow
IsIconic
IsMenu
IsProcessDPIAware
IsRectEmpty
IsSETEnabled
IsServerSideWindow
IsThreadDesktopComposited
IsTopLevelWindow
IsTouchWindow
IsWinEventHookInstalled
IsWindow
IsWindowEnabled
IsWindowInDestroy
IsWindowRedirectedForPrint
IsWindowUnicode
IsWindowVisible
IsWow64Message
IsZoomed
KillTimer
LoadAcceleratorsA
LoadAcceleratorsW
LoadBitmapA
LoadBitmapW
LoadCursorA
LoadCursorFromFileA
LoadCursorFromFileW
LoadCursorW
LoadIconA
LoadIconW
LoadImageA
LoadImageW
LoadKeyboardLayoutA
LoadKeyboardLayoutEx
LoadKeyboardLayoutW
LoadLocalFonts
Sections
.text Size: 435KB - Virtual size: 434KB - Flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 361KB - Virtual size: 360KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 12KB - Flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ