SmartcardCredentialProvider[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SmartcardCredentialProvider.dll
Size

149KB
MD5

c2c9d3ad9325803c0d2176247be086b8
SHA1

2c7bbd85a689f0f28b9bf7dacf7c0c1ff8b536c2
SHA256

0e771815d8af5986ebe773029bfd5e69c4f1276d914882eb8d2d9378ab4faa77
SHA512

4519caf596fd8545cc6dd92c86045ee69bf75a92c5ba96510d15974a1a8eec4638b33c2b678bfba8909777a609a5519ee680864b1c7ceb22c679e12b9652b8b3
SSDEEP

3072:oIAYG8JGsP3cM1E+riY4BXsBssKiTgHzv/Q1B2Vyg27WQmo+C+3X7wkOpU3MheKJ:gYG8JGsfcM5mY+D8nxMML

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SmartcardCredentialProvider.dll

Files

SmartcardCredentialProvider.dll
.dll windows:6 windows x86 arch:x86

86044cd9e3c9c9df7379c39d19db08ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SmartcardCredentialProvider.pdb

Imports

msvcrt

_vsnprintf
towupper
_except_handler4_common
_amsg_exit
_initterm
free
malloc
_XcptFilter
memcpy
wcschr
_vsnwprintf
_stricmp
memset

ntdll

RtlInitUnicodeString
RtlNtStatusToDosError
RtlInitString
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceLoggerHandle
EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
EtwTraceMessage
RtlFreeHeap
RtlAllocateHeap
RtlImageNtHeader
RtlFreeUnicodeString
RtlInitializeCriticalSection
RtlAnsiStringToUnicodeString
RtlInitAnsiString

api-ms-win-core-localregistry-l1-1-0

RegDeleteKeyExW
RegQueryValueExW
RegOpenKeyExW
RegGetValueW
RegDeleteValueW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

user32

GetThreadDesktop
SetThreadDesktop
EnumThreadWindows
GetWindowThreadProcessId
PostMessageW
LoadStringW
SendInput
LoadBitmapW

comctl32

ord386
ord328
ord329
ord335
ord334
ord344

kernel32

CreateThread
ResumeThread
GetTickCount64
WaitForMultipleObjects
MultiByteToWideChar
GetCurrentThread
GetSystemTime
SystemTimeToFileTime
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
LockResource
LoadResource
FindResourceExW
LocaleNameToLCID
GetSystemDefaultLCID
GetUserDefaultLCID
FreeLibrary
GetModuleFileNameW
HeapAlloc
HeapFree
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
HeapCreate
DisableThreadLibraryCalls
HeapDestroy
DeleteCriticalSection
GetLastError
CloseHandle
UnregisterWaitEx
CancelWaitableTimer
RegisterWaitForSingleObject
SetWaitableTimer
CreateWaitableTimerW
lstrlenW
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
CompareFileTime
CreateThreadpoolCleanupGroup
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
WaitForSingleObject
SetEvent
Sleep
SubmitThreadpoolWork
CreateThreadpoolWork
CreateEventW
WideCharToMultiByte
GetCurrentProcessId
GetCurrentThreadId
ResetEvent
DelayLoadFailureHook
GetProcAddress
InterlockedCompareExchange
LoadLibraryExA
InterlockedExchange
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
GetVersion
LoadLibraryW
GetThreadLocale

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86044cd9e3c9c9df7379c39d19db08ab

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

api-ms-win-core-localregistry-l1-1-0

user32

comctl32

kernel32

Exports

Exports

Sections

.text Size: 76KB - Virtual size: 75KB

.data Size: 3KB - Virtual size: 2KB

.rsrc Size: 66KB - Virtual size: 66KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 76KB - Virtual size: 75KB

.data
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 66KB - Virtual size: 66KB

.reloc
Size: 3KB - Virtual size: 2KB