UserAccountControlSettings[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

UserAccountControlSettings.dll
Size

77KB
MD5

aca1f50844e08f3f5178e8ff3f21fbc2
SHA1

3234f37ce08e59b4aa53b5e3d8833ff825af57f0
SHA256

b49a24feb398e1f5eda6419ffc002fb9bd118282fa0e012924c5442cd9e80dfa
SHA512

563c3d462cfa5ac3220b46ff8938c8b823227a92ea51d3aa4708b26f2f45316eb9302f9cd6bdb8b49a4110b670adf18afed562d90e9eaebf9cb7790af83e920b
SSDEEP

1536:1EHbpT5Tg0/DiZN5YF9g93HcVvgfJsJ6fKipmEtqWho/gpNM0W+7lQzwi3zs0xL+:1EHbhq0/DG5YF9S3c7IcCLs7O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
UserAccountControlSettings.dll

Files

UserAccountControlSettings.dll
.dll windows:6 windows x86 arch:x86

1924b5bc9aeacd605f42cbf458a71ea6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

UserAccountControlSettings.pdb

Imports

msvcrt

memcpy
??2@YAPAXI@Z
memset
??3@YAXPAX@Z
_XcptFilter
free
_initterm
_amsg_exit
malloc
_except_handler4_common

kernel32

GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
GetLastError
GetExitCodeProcess
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsW
FreeLibrary
LoadLibraryExW
GetCurrentProcess
DisableThreadLibraryCalls
HeapAlloc
GetProcessHeap
HeapFree
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks
SubmitThreadpoolWork
SetThreadpoolWait
CloseThreadpoolWork
CreateThreadpoolWait
CreateThreadpoolWork
CreateEventW
MulDiv
lstrlenW
LocalFree
CheckElevationEnabled
DelayLoadFailureHook
GetProcAddress
InterlockedCompareExchange
LoadLibraryExA
InterlockedExchange
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleFileNameW
DeactivateActCtx
FindResourceExW
LoadResource
ActivateActCtx
ReleaseActCtx
LockResource
GetThreadUILanguage
GetLocaleInfoW
LocalAlloc
CreateActCtxW
LoadLibraryW
GetModuleHandleW

user32

ReleaseDC
SetCursor
LoadCursorW
SetProcessDPIAware
SetForegroundWindow
LoadStringW
SystemParametersInfoW
GetAncestor
SendMessageW
GetDC
IsProcessDPIAware

shell32

ord155
SHBindToObject
ord25
ord18
SHParseDisplayName
ShellExecuteExW
ord893

advapi32

RegNotifyChangeKeyValue
RegCloseKey
RegOpenKeyExW
OpenProcessToken

ole32

CoAllowSetForegroundWindow
CoUninitialize
CoCreateInstance
OleInitialize
OleUninitialize
CoInitializeEx

ntdll

WinSqmAddToStream
NtQueryInformationToken

gdi32

GetDeviceCaps

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1924b5bc9aeacd605f42cbf458a71ea6

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

shell32

advapi32

ole32

ntdll

gdi32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.data Size: 1KB - Virtual size: 2KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 51KB - Virtual size: 50KB

.data
Size: 1KB - Virtual size: 2KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 5KB - Virtual size: 4KB