mfc70u[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

mfc70u.dll
Size

942KB
MD5

c39dec838a5628de50d477e40359b5b7
SHA1

2299530a02d74c68e91918e47b799346ea587c92
SHA256

06c4e3f14510161db7958c1634d745a568d874612f9c7ebd60046f0bd0c7a62d
SHA512

ec3ecd50a01016f5ddec3ff6982aa08f1f196ad307097fad712b0f0c03f18d7fa11304a864d8fb923a7cc6084e5f5bbeade082878f0facb9e9c78acee2e07c4b
SSDEEP

12288:2stayiQvBTChIIlAvWLOaNymt0bcWiHkr3nAoFjgXL78Cng:2OaydTChIIevWxyANoSJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mfc70u.dll

Files

mfc70u.dll
.dll windows:4 windows x86 arch:x86

dc42555328384e8b23332ec0794fa434

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mfc70u.pdb

Imports

gdi32

CreateDCW
OffsetRgn
SetBrushOrgEx
GetRgnBox
CreateMetaFileW
CopyMetaFileW
Ellipse
LPtoDP
CreateEllipticRgn
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
DPtoLP
GetMapMode
CombineRgn
SetRectRgn
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
SelectPalette
CreateDIBPatternBrushPt
ExtSelectClipRgn
PolyBezierTo
PolylineTo
PolyDraw
ArcTo
OffsetWindowOrgEx
StartDocW
GetPixel
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SetColorAdjustment
SetArcDirection
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
MoveToEx
BitBlt
CreateRectRgnIndirect
UnrealizeObject
CreateBitmap
CreatePatternBrush
CreatePen
PatBlt
Rectangle
TextOutW
DeleteMetaFile
CloseMetaFile
ScaleWindowExtEx
ScaleViewportExtEx
IntersectClipRect
GetDeviceCaps
SetMapMode
SetWindowExtEx
SetViewportExtEx
OffsetViewportOrgEx
GetViewportOrgEx
SetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
ExtTextOutW
GetTextExtentPoint32A
CreateFontIndirectW
GetWindowExtEx
GetViewportExtEx
GetTextFaceW
GetTextAlign
RectVisible
PtVisible
GetTextColor
GetStretchBltMode
GetROP2
GetPolyFillMode
GetBkMode
Escape
GetNearestColor
SaveDC
RestoreDC
GetStockObject
GetTextExtentPoint32W
GetTextMetricsW
CreateFontW
GetCharWidthW
DeleteObject
SelectObject
StretchDIBits
DeleteDC
GetBkColor
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetCurrentPositionEx

kernel32

GetCurrentProcess
lstrcpyW
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
CreateFileW
GetShortPathNameW
GetModuleFileNameW
DuplicateHandle
LoadLibraryW
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesW
GetFileAttributesW
GetFileTime
InterlockedDecrement
LocalAlloc
LocalFree
LeaveCriticalSection
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
WaitForSingleObject
CreateSemaphoreW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
CreateEventW
WaitForMultipleObjects
GetVersionExA
GetModuleHandleW
lstrcmpW
lstrcatW
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
FreeResource
GlobalGetAtomNameW
GetVersion
GetModuleHandleA
MulDiv
GetProfileIntW
VirtualProtect
GlobalFlags
GetTempFileNameW
GetDiskFreeSpaceW
LocalUnlock
LocalLock
SearchPathW
GetTempPathW
SetThreadPriority
ResumeThread
SetEvent
SuspendThread
GetLocaleInfoW
EnumResourceLanguagesW
ConvertDefaultLocale
lstrcmpiA
GetCurrentThread
SetErrorMode
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentDirectoryW
InterlockedIncrement
FormatMessageW
FindNextFileW
GetTickCount
CopyFileW
GetUserDefaultLCID
IsDBCSLeadByte
lstrcpyA
GetSystemTime
ExitProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetStringTypeExW
DeleteFileW
MoveFileW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenA
lstrcmpA
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
IsBadReadPtr
IsBadWritePtr
IsBadStringPtrA
GetLastError
SetLastError
lstrcpynW
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
RaiseException
GetProcAddress

msvcr70

_adjust_fdiv
_initterm
_except_handler3
_onexit
__dllonexit
?terminate@@YAXXZ
__security_error_handler
??1type_info@@UAE@XZ
_mbscmp
_wcsnicmp
_wcsupr
wcsstr
_wcslwr
_itow
wcsncpy
wcscpy
_ltow
_ultow
iswdigit
ceil
labs
wcsncmp
_wsplitpath
_wfullpath
_wtol
__p___argc
__p___wargv
_beginthreadex
_endthreadex
iswspace
_wcsdup
wcscspn
wcsspn
wcspbrk
_expand
_wtoi
wcstod
wcstol
wcstoul
_vscwprintf
_wcsicmp
wcsrchr
swscanf
vswprintf
abs
calloc
_msize
wcschr
_purecall
strlen
wcscmp
_localtime64
_mktime64
realloc
fflush
fseek
ftell
fgetws
fputws
fwrite
fread
clearerr
fclose
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
memset
abort
free
malloc
memcmp
wcslen
memmove
memcpy
swprintf
_CxxThrowException
strcpy
strcmp
__CxxFrameHandler

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

shlwapi

PathRemoveExtensionW
PathFindExtensionW
PathIsUNCW
PathStripToRootW
PathFindFileNameW

user32

OffsetRect
SetWindowPos
SetWindowLongW
GetWindowLongW
CallWindowProcW
DefWindowProcW
SendMessageW
GetDlgCtrlID
SetWindowPlacement
UnregisterClassW
RegisterClassW
GetClassInfoW
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
GetParent
AdjustWindowRectEx
GetSysColor
LoadIconW
GetMenuItemCount
GetMenuItemID
GetSubMenu
PostMessageW
GetMenu
GetClientRect
UpdateWindow
IsWindowVisible
ShowScrollBar
SetForegroundWindow
EnableWindow
GetScrollPos
SetScrollPos
GetScrollRange
SetScrollRange
GetKeyState
TrackPopupMenu
TrackPopupMenuEx
MessageBoxW
ScrollWindow
MapWindowPoints
PeekMessageW
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
GetDlgItem
EndDeferWindowPos
BeginDeferWindowPos
DispatchMessageW
SetActiveWindow
GetLastActivePopup
GetForegroundWindow
GetWindowTextW
GetWindowTextLengthW
IsChild
CharUpperW
IsWindow
GetFocus
SendDlgItemMessageA
SendDlgItemMessageW
RemovePropW
GetPropW
SetPropW
GetClassNameW
GetClassLongW
GetClassInfoExW
CallNextHookEx
SetWindowsHookExW
CreateWindowExW
GetCapture
WinHelpW
RegisterWindowMessageW
LoadAcceleratorsW
TranslateAcceleratorW
IsWindowEnabled
GetDesktopWindow
ShowWindow
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
InvalidateRect
ReleaseCapture
SetCursor
ReuseDDElParam
UnpackDDElParam
GetActiveWindow
DestroyMenu
LoadMenuW
LoadCursorW
ClientToScreen
SetCapture
IntersectRect
GetWindowThreadProcessId
GetCursorPos
TranslateMessage
GetMessageW
WaitMessage
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
TranslateMDISysAccel
RedrawWindow
InflateRect
SetRect
SetTimer
KillTimer
ReleaseDC
GetDC
IsZoomed
IsRectEmpty
DeleteMenu
AppendMenuW
GetSystemMenu
SetParent
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextW
DrawTextExW
GrayStringW
UnionRect
GetKeyNameTextW
MapVirtualKeyW
LoadBitmapW
FillRect
DrawFocusRect
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
wvsprintfW
TabbedTextOutW
GetWindowDC
BeginPaint
EndPaint
GetMenuItemInfoW
SystemParametersInfoW
GetMenuStringW
GetSysColorBrush
SetWindowTextW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
IsDialogMessageW
MoveWindow
ScrollWindowEx
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SetMenuItemBitmaps
DestroyIcon
DestroyCursor
SetCursorPos
FindWindowW
DrawIcon
SetWindowRgn
IsClipboardFormatAvailable
MessageBeep
GetTabbedTextExtentW
RemoveMenu
ValidateRect
PostQuitMessage
ShowOwnedPopups
InsertMenuW
RegisterClipboardFormatW
SendNotifyMessageW
CopyAcceleratorTableW
InSendMessage
PostThreadMessageW
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextW
InvalidateRgn
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
PtInRect
CopyRect
GetWindow
MsgWaitForMultipleObjects
WindowFromPoint
UnhookWindowsHookEx
GetSystemMetrics
wsprintfW
SetFocus

Sections

.text
Size: 794KB - Virtual size: 793KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc42555328384e8b23332ec0794fa434

Headers

File Characteristics

PDB Paths

Imports

gdi32

kernel32

msvcr70

oleacc

shlwapi

user32

Sections

.text Size: 794KB - Virtual size: 793KB

.data Size: 42KB - Virtual size: 42KB

.rsrc Size: 45KB - Virtual size: 45KB

.reloc Size: 59KB - Virtual size: 59KB

.text
Size: 794KB - Virtual size: 793KB

.data
Size: 42KB - Virtual size: 42KB

.rsrc
Size: 45KB - Virtual size: 45KB

.reloc
Size: 59KB - Virtual size: 59KB