dskquoui[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

dskquoui.dll
Size

185KB
MD5

26a6465358dabad210d857b60877dd93
SHA1

b40116dcc5668f9e3ac6fb5e29abebafaabafda0
SHA256

5926c8944d94782c420d9039660771ca83765f751f20198739e74329dba2acc9
SHA512

686fd0508f019ef9e36685a6e61f6b6093539b1a863dc508e5ff7bb0bdfd43c3c3c7575d3848996d69e5be4e5a6e423e855aa4cf7c20491f95779e43bb5a12ad
SSDEEP

3072:SeJBynLxPazkW2WK0GrQ/EKkSCwL0Yt6OR2DL/DkSnhzSnh16f:SkynLxCzd2QGXKk9wQYEg2DDDnWe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dskquoui.dll

Files

dskquoui.dll
.dll windows:10 windows x86 arch:x86

b77b2960ce3e962e361e9b9189e7d9a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dskquoui.pdb

Imports

msvcrt

memcpy
__CxxFrameHandler3
memmove
_except_handler4_common
??1type_info@@UAE@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_initterm
malloc
free
_amsg_exit
_XcptFilter
_vsnprintf
_purecall
_vsnprintf_s
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
memcpy_s
_vsnwprintf
_CxxThrowException
memset

shell32

SHFileOperationW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetMalloc
DragQueryFileW
SHGetSpecialFolderLocation
ShellAboutW
SHGetDesktopFolder

shlwapi

PathRemoveFileSpecW
PathSkipRootW
PathStripToRootW
StrCmpNW
StrRetToBufW
PathIsUNCW
PathIsRootW
ord158
ord219
PathAddBackslashW
SHGetValueW
PathFindFileNameW
PathAppendW

api-ms-win-core-libraryloader-l1-2-0

LoadStringW
GetModuleFileNameA
LoadLibraryExW
DisableThreadLibraryCalls
GetModuleHandleW
GetModuleFileNameW
GetModuleHandleExW
GetProcAddress

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionAndSpinCount
ReleaseSemaphore
DeleteCriticalSection
EnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
WaitForSingleObjectEx
LeaveCriticalSection
ReleaseMutex
CreateSemaphoreExW
CreateMutexExW
OpenSemaphoreW
WaitForSingleObject

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
CreateThread
GetCurrentThreadId
GetCurrentThread
OpenProcessToken
GetCurrentProcess
TerminateProcess
OpenThreadToken

api-ms-win-core-localization-l1-2-0

GetUserPreferredUILanguages
GetThreadLocale
FormatMessageW
GetLocaleInfoEx
GetLocaleInfoW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-file-l1-1-0

CreateFileW
GetVolumeInformationW
GetFileAttributesW
GetFileSize
GetDiskFreeSpaceW

api-ms-win-core-com-l1-1-0

CoLockObjectExternal
CreateStreamOnHGlobal
GetHGlobalFromStream
StringFromGUID2
CoCreateInstance

api-ms-win-core-string-l2-1-0

IsCharAlphaNumericW
IsCharAlphaW
CharUpperW
CharNextW

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
CompareStringW

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
WakeAllConditionVariable
Sleep

api-ms-win-security-base-l1-1-0

SetFileSecurityW
InitializeSecurityDescriptor
IsValidSid
FreeSid
CopySid
GetLengthSid
AllocateAndInitializeSid
SetSecurityDescriptorOwner
GetTokenInformation
EqualSid

api-ms-win-core-file-l1-2-0

GetVolumeNameForVolumeMountPointW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW

api-ms-win-core-registry-l1-1-0

RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegCloseKey

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
UnmapViewOfFile
MapViewOfFile

gdi32

GetDeviceCaps
GetTextMetricsW

kernel32

ReleaseActCtx
CreateActCtxW
lstrcmpW
ActivateActCtx
lstrcmpiW
lstrlenA
lstrlenW
DeactivateActCtx
CheckElevationEnabled
GlobalUnlock
GlobalLock

ntdll

NtQueryVolumeInformationFile
NtClose
NtQueryInformationFile
RtlDosPathNameToNtPathName_U
RtlInitUnicodeString
NtCreateFile
RtlFreeHeap
NtFsControlFile

ole32

OleFlushClipboard
ReleaseStgMedium
OleUninitialize
OleIsCurrentClipboard
RegisterDragDrop
RevokeDragDrop
OleSetClipboard
DoDragDrop
StgCreateDocfile
StgIsStorageFile
CoGetObject
StgOpenStorage
OleInitialize

user32

GetWindowRect
PtInRect
LoadMenuW
GetSubMenu
SetMenuDefaultItem
CallWindowProcW
TrackPopupMenu
DestroyMenu
DefWindowProcW
LoadAcceleratorsW
SetWindowPos
DestroyWindow
MoveWindow
InvalidateRect
ShowWindow
DestroyIcon
EnableWindow
EnableMenuItem
GetWindowTextW
GetMenu
CheckMenuItem
GetTopWindow
GetWindow
GetClassNameW
GetClientRect
ReleaseDC
IsWindowEnabled
SetWindowTextW
GetWindowTextLengthW
ClientToScreen
GetDC
RegisterClassExW
SendMessageTimeoutW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
DialogBoxParamW
GetMessageW
CreateDialogParamW
PostMessageW
UpdateWindow
CreateWindowExW
MessageBeep
GetParent
GetDlgItemTextW
GetSystemMetrics
MessageBoxW
SetForegroundWindow
FindWindowW
IsWindowVisible
IsDlgButtonChecked
SetFocus
EndDialog
GetDlgItem
SetDlgItemTextW
CheckDlgButton
GetDesktopWindow
SetWindowLongW
GetWindowLongW
LoadIconW
KillTimer
SetTimer
RegisterClipboardFormatW
ShowCursor
LoadCursorW
SetCursor
SendMessageW
IsDialogMessageW
DrawTextW
SendDlgItemMessageW
PeekMessageW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b77b2960ce3e962e361e9b9189e7d9a7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

shell32

shlwapi

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-string-l2-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-security-base-l1-1-0

api-ms-win-core-file-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-security-sddl-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-memory-l1-1-0

gdi32

kernel32

ntdll

ole32

user32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 108KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 8KB - Virtual size: 7KB

.rsrc Size: 60KB - Virtual size: 59KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 108KB - Virtual size: 108KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 60KB - Virtual size: 59KB

.reloc
Size: 7KB - Virtual size: 6KB