SrpUxNativeSnapIn[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SrpUxNativeSnapIn.dll
Size

298KB
MD5

19344eea76f6f538b134558b7181bbf1
SHA1

8449c2b40f98ab8dabc003f15a5dc277acf2138d
SHA256

0aa1522e52add05a5b3ca1f7a468d4a5ee2c52a86c9a095029150c6299e66934
SHA512

b5716a096a9764ce09c734268363e6567ea7b1c8ef1ebdfff38aa65e60aef7f010458963f7c3ac3d2cc56a2ab90444af0972f8c51379fb1bfe0ff050e165dcab
SSDEEP

6144:xPaKE8yInq0VlGG+aPx7aCTVJd9Me4s/X5iuhYm5GG+aPx7aCTVJd9Me4s/X5iuR:tJVnzJHMed87qzJHMed87

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SrpUxNativeSnapIn.dll

Files

SrpUxNativeSnapIn.dll
.dll windows:10 windows x86 arch:x86

d70aa3395355bfafc59aa03d72a34d29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SrpUxNativeSnapIn.pdb

Imports

msvcrt

_XcptFilter
_purecall
_amsg_exit
_initterm
_callnewh
malloc
_except_handler4_common
_onexit
free
__dllonexit
memmove_s
__CxxFrameHandler3
??1type_info@@UAE@XZ
_unlock
_CxxThrowException
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
?what@exception@@UBEPBDXZ
memcpy_s
_lock
__RTDynamicCast
memset

api-ms-win-core-com-l1-1-1

CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc

api-ms-win-core-libraryloader-l1-2-0

FreeResource
LoadStringW

api-ms-win-core-heap-l1-2-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-heap-l2-1-0

GlobalFree
GlobalAlloc

rpcrt4

RpcStringFreeW
UuidToStringW

api-ms-win-core-errorhandling-l1-1-1

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-2

GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess

api-ms-win-core-sysinfo-l1-2-1

GetTickCount
GetSystemTimeAsFileTime

kernel32

lstrlenW

user32

LoadIconW
RegisterClipboardFormatW
LoadBitmapW
LoadImageW

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d70aa3395355bfafc59aa03d72a34d29

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-com-l1-1-1

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-heap-l1-2-0

api-ms-win-core-heap-l2-1-0

rpcrt4

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-synch-l1-2-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-sysinfo-l1-2-1

kernel32

user32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 22KB

.data Size: 1024B - Virtual size: 5KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 268KB - Virtual size: 268KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 23KB - Virtual size: 22KB

.data
Size: 1024B - Virtual size: 5KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 268KB - Virtual size: 268KB

.reloc
Size: 2KB - Virtual size: 1KB