dot3ui[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

dot3ui.dll
Size

326KB
MD5

8fbe98499adc541c63bb10b722da00d4
SHA1

a558e7b61b27cfc20569bbc1ddc33a5e9f541cb8
SHA256

a3b5e0722576ace99b8537458bcae2147df09520caf11138a8a5e87c041b18c6
SHA512

a97813d6e3ae35f1dcde0f8fe99247ca9918a8a675059ea46720c50ff80a51ae759146a9c36aa2a16205472cda48af843ead99bddd6431dc79bc13620ce4e354
SSDEEP

6144:9aH7jRyRt7h5wHj0vzGNo+13i3YaO70avg24In4vIMc8oIACENB/QN6MS:cbjc7Tcj5o+1S3YaO70avg24InscDB/y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dot3ui.dll

Files

dot3ui.dll
.dll windows:6 windows x86 arch:x86

2371bc17f746bc838b7dd8969737bee4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

dot3ui.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
__CxxFrameHandler3
_onexit
_lock
__dllonexit
_unlock
_errno
realloc
_except_handler4_common
_endthreadex
_beginthreadex
??0exception@@QAE@ABQBD@Z
_itow
_amsg_exit
_initterm
_XcptFilter
_callnewh
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
??0exception@@QAE@XZ
memmove_s
_ftol2
_CIlog
_ftol2_sse
memcpy
_purecall
memset
wcsncpy_s
memcpy_s
free
malloc

api-ms-win-core-localregistry-l1-1-0

RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumKeyExW

gdi32

GetTextExtentPoint32W
SetBkMode
SetTextColor
DeleteObject
SelectObject
Rectangle
GetStockObject
CreateSolidBrush
GetDeviceCaps

user32

UnregisterClassA
CheckDlgButton
CheckRadioButton
IsDlgButtonChecked
MessageBoxW
SetClassLongW
IsWindowVisible
LoadIconW
GetSysColor
DrawTextW
DrawIcon
InvalidateRect
PostMessageW
ShowWindow
EnableWindow
IsWindowEnabled
GetDlgItem
EndPaint
BeginPaint
GetWindowLongW
SetWindowLongW
GetDC
ReleaseDC
GetWindowRect
GetSystemMetrics
SendMessageW
GetDlgCtrlID
GetParent
GetDlgItemInt
SetDlgItemInt
CharNextW
MoveWindow
GetWindowInfo
EnumChildWindows
MsgWaitForMultipleObjects
DispatchMessageW
PeekMessageW
TranslateMessage
GetMessageW
SystemParametersInfoW
GetKeyState
SetTimer
GetLastInputInfo
KillTimer
SetFocus
LoadStringW
SetWindowTextW

dot3api

Dot3QueryAutoConfigParameter
Dot3FreeMemory
Dot3GetCurrentProfile
Dot3GetProfileEapUserDataInfo
Dot3SetProfile
Dot3ReasonCodeToString
Dot3SetProfileEapUserData
Dot3CloseHandle
Dot3OpenHandle

kernel32

CloseHandle
GetSystemWindowsDirectoryW
DeactivateActCtx
lstrcmpW
SetLastError
GetVersionExA
InterlockedExchange
Sleep
QueryPerformanceCounter
ReleaseActCtx
LoadLibraryExA
InterlockedCompareExchange
DelayLoadFailureHook
HeapAlloc
HeapFree
GetProcessHeap
LockResource
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
FreeLibrary
lstrcmpiW
GetModuleHandleW
GetProcAddress
LoadLibraryW
InterlockedDecrement
InterlockedIncrement
GetLastError
LeaveCriticalSection
EnterCriticalSection
lstrlenW
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ActivateActCtx
OutputDebugStringA
CreateActCtxW

ntdll

EtwTraceMessage

Exports

Exports

Dot3CreatePsPage

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2371bc17f746bc838b7dd8969737bee4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-localregistry-l1-1-0

gdi32

user32

dot3api

kernel32

ntdll

Exports

Exports

Sections

.text Size: 159KB - Virtual size: 159KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 156KB - Virtual size: 156KB

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 159KB - Virtual size: 159KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 156KB - Virtual size: 156KB

.reloc
Size: 7KB - Virtual size: 6KB