fvecerts[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

fvecerts.dll
Size

21KB
MD5

0a7a122b841848699544e5d776528500
SHA1

57eba1988e0584fb2d7fa486c27ab325d00365b8
SHA256

07f3cee75671bb5b12412ad2c6961fe2f2a312b330162404576ca299cb48bf9d
SHA512

cd425d39400a5951b831ca5b835fed3d8380e5f36485873d72ce12089e823bdb1a206a4cab02267edba25566193e42d734364c68cd7cf8a05bd20d2f29b553e9
SSDEEP

384:vJXFN1TP/n2wo6l74E5qZefV/sn5+GY9+J/gAa145WVxsQiWQvW:B1TP/2kl74EGqG5p7o45EsQU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fvecerts.dll

Files

fvecerts.dll
.dll windows:10 windows x86 arch:x86

3bd93c5c357a5d030f4714b41feb9124

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

fvecerts.pdb

Imports

msvcrt

_except_handler4_common
memcpy
_XcptFilter
_initterm
malloc
free
_amsg_exit
memcmp
memset

crypt32

CertGetIntendedKeyUsage
CryptStringToBinaryW
CryptQueryObject
CertGetCertificateChain
PFXExportCertStoreEx
CertAddCertificateContextToStore
CertOpenStore
CertCloseStore
CertFreeCertificateContext
CertFreeCertificateChain
CryptImportPublicKeyInfoEx2
CertFindCertificateInStore
CryptMsgClose
CryptAcquireCertificatePrivateKey
CryptMsgGetParam
CryptMsgUpdate
CryptMsgOpenToEncode
CertSetCertificateContextProperty
CertCreateSelfSignCertificate
CertStrToNameW
CertFreeCertificateChainList
CertAddCertificateLinkToStore
CertSelectCertificateChains
PFXIsPFXBlob
PFXImportCertStore
CertEnumCertificatesInStore
CertGetCertificateContextProperty

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-registry-l1-1-0

RegGetValueW
RegGetValueA

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

api-ms-win-core-heap-l1-1-0

HeapSize
HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-file-l1-1-0

CreateFileW
GetFileType
CreateDirectoryW
ReadFile
GetFileSizeEx
SetFileAttributesW
WriteFile

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

FveCertCanCertificateBeAdded
FveCertCreateCertInfo
FveCertCreateSelfSignedCertificate
FveCertFilterForValidCertificates
FveCertFindValidCertificates
FveCertFreeCertInfo
FveCertGetCertContextFromCert
FveCertGetCertContextFromPfx
FveCertGetCertHashFromCertContext
FveCertGetPrivateKeyHandle
FveCertGetPublicKeyHandle
FveCertIsAlternateCert
FveCertIsValidCertInfo
FveCertSignData
FveCertWritePfxFromCertContext

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3bd93c5c357a5d030f4714b41feb9124

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

crypt32

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 13KB

.data Size: 512B - Virtual size: 916B

.idata Size: 3KB - Virtual size: 2KB

.didat Size: 512B - Virtual size: 72B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 844B

.text
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 916B

.idata
Size: 3KB - Virtual size: 2KB

.didat
Size: 512B - Virtual size: 72B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 844B