SmartcardCredentialProvider[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SmartcardCredentialProvider.dll
Size

149KB
MD5

4bcc63ed1c3d15b2635a8ae2b854b3eb
SHA1

8ffc2ac3d287e42ba5dd613c4694281c36221c35
SHA256

4cf29b4e896996145d54263fd06358e16c3fe2cd39c3af6bcce607590c637555
SHA512

2efe7cb404b930b77f15bd859d6ba06f1d92306d66041d401772f6f1d53be88808adcb71186d2dd6e97ff8146ff23beb77cd1ba1eac0c5f629e1d2bc631ea4f7
SSDEEP

3072:dovCYJTeu5JbE9juKJ8XIjIsKiTgHzv/Q1B2Vyg27WQmo+C+3X7wkOpU3MheKKBT:uvCYJTeuDbkuKqD8nxMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SmartcardCredentialProvider.dll

Files

SmartcardCredentialProvider.dll
.dll windows:6 windows x86 arch:x86

4d75ccc802ba88a6c4fb39b87f075529

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SmartcardCredentialProvider.pdb

Imports

msvcrt

_vsnprintf
towupper
_except_handler4_common
_amsg_exit
_initterm
free
malloc
_XcptFilter
memcpy
wcschr
_vsnwprintf
_stricmp
memset

ntdll

RtlInitUnicodeString
RtlNtStatusToDosError
RtlInitString
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceLoggerHandle
EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
EtwTraceMessage
RtlFreeHeap
RtlAllocateHeap
RtlImageNtHeader
RtlFreeUnicodeString
RtlInitializeCriticalSection
RtlAnsiStringToUnicodeString
RtlInitAnsiString

api-ms-win-core-localregistry-l1-1-0

RegDeleteKeyExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

user32

GetThreadDesktop
SetThreadDesktop
EnumThreadWindows
GetWindowThreadProcessId
PostMessageW
LoadStringW
SendInput
LoadBitmapW

comctl32

ord386
ord328
ord329
ord335
ord334
ord344

kernel32

RegQueryValueExA
CreateThread
ResumeThread
GetTickCount64
WaitForMultipleObjects
MultiByteToWideChar
GetCurrentThread
GetSystemTime
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
LockResource
LoadResource
FindResourceExW
LocaleNameToLCID
GetSystemDefaultLCID
GetUserDefaultLCID
SystemTimeToFileTime
FreeLibrary
GetModuleFileNameW
HeapAlloc
HeapFree
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
HeapCreate
DisableThreadLibraryCalls
HeapDestroy
DeleteCriticalSection
GetLastError
CloseHandle
UnregisterWaitEx
CancelWaitableTimer
RegisterWaitForSingleObject
SetWaitableTimer
CreateWaitableTimerW
lstrlenW
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
CompareFileTime
CreateThreadpoolCleanupGroup
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
WaitForSingleObject
SetEvent
Sleep
SubmitThreadpoolWork
CreateThreadpoolWork
CreateEventW
WideCharToMultiByte
GetCurrentProcessId
GetCurrentThreadId
ResetEvent
DelayLoadFailureHook
GetProcAddress
InterlockedCompareExchange
LoadLibraryExA
InterlockedExchange
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
GetVersion
LoadLibraryW
GetThreadLocale

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d75ccc802ba88a6c4fb39b87f075529

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

api-ms-win-core-localregistry-l1-1-0

user32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 75KB - Virtual size: 75KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 75KB - Virtual size: 75KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 3KB - Virtual size: 2KB