api-ms-win-downlevel-user32-l1-1-0[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

api-ms-win-downlevel-user32-l1-1-0.dll
Size

4KB
MD5

589cbc4989f750e1da35625ab481cf43
SHA1

3b324b865b6693c5093dd0902031618d8ea480ef
SHA256

b93e1b8c3775f9c995fd5451c685a06defd24ae1df0dd99d19d5e4b9ac0010f9
SHA512

a203c3c4bfa81721d4657b3bb8267fb97dba77c9c21ad35e8cc5b98dba0872fa5c2274ae75b87fd59b04fe7221589f89c13d2b64d8fb09125ab2d06310aecc2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
api-ms-win-downlevel-user32-l1-1-0.dll

Files

api-ms-win-downlevel-user32-l1-1-0.dll
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-downlevel-user32-l1-1-0.pdb

Exports

Exports

CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevExA
CharPrevW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
IsCharAlphaA
IsCharAlphaNumericA
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerA
IsCharLowerW
IsCharUpperA
IsCharUpperW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ