DeviceDisplayStatusManager[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

DeviceDisplayStatusManager.dll
Size

29KB
MD5

d2cfe5ce281733e4eff0227306d6538c
SHA1

391818dc9e4771f2fc605c9c6b7142be1b7dd050
SHA256

cecdd6872aa6e35872e3eb602f4e1c14c4aa7e515d2165cd824c3202ce418f92
SHA512

9259225b4cc6cec90a406092c06514794bd1851a2247c997b33a0f590f947f60dd8c4a4bcdb0adbd359271951bd1e1ae48b44fc1503f4d4a6641c352e90d72e6
SSDEEP

384:T2u8M7AqQXuftQmIhGDQBMLJ1dJK0fofU0dPDMTrTdPpYOYWI5huBAC+5/Cua6+O:T2CAqKuqhGcBP+oNxD4fLkuBItZlgU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
DeviceDisplayStatusManager.dll

Files

DeviceDisplayStatusManager.dll
.dll windows:10 windows x86 arch:x86

70f2e143a6a25fa657621e61d76815ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DeviceDisplayStatusManager.pdb

Imports

msvcrt

qsort
_initterm
_amsg_exit
_callnewh
malloc
_purecall
__CxxFrameHandler3
_vsnwprintf
_lock
memcpy
_except_handler4_common
_wcsicmp
_onexit
free
wcsncmp
__dllonexit
_XcptFilter
_unlock
memset

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError

api-ms-win-eventing-classicprovider-l1-1-0

RegisterTraceGuidsW
GetTraceEnableFlags
TraceMessage
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableLevel

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-synch-l1-1-0

ReleaseSRWLockShared
AcquireSRWLockShared
ReleaseSRWLockExclusive
InitializeSRWLock
AcquireSRWLockExclusive

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceExecuteOnce

api-ms-win-core-com-l1-1-0

CLSIDFromString
StringFromGUID2
CoTaskMemFree
IIDFromString
CoTaskMemAlloc
CoCreateInstance
PropVariantClear

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegGetValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter

propsys

PSGetPropertyDescriptionListFromString

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

70f2e143a6a25fa657621e61d76815ab

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-eventing-classicprovider-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-util-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

propsys

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 512B - Virtual size: 936B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 512B - Virtual size: 936B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB