UAP_SDK[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

UAP_SDK.dll
Size

253KB
MD5

c01ceab5ae068d4b218eb5892fd27769
SHA1

fea14f6065e8c22e5335acc0ca88ba15329d0a09
SHA256

fe39dd55d11aa1efd80398a3257eb0d70abfbba6360836955c909669845c2782
SHA512

d45ada455bfeab580799d874461a194ba063a0f1245af60bafe50b11f56f8a22f0df395fc94f8f33c950e23e78ac2e2e50fd35a436d881e82740dfea91d951df
SSDEEP

3072:cCcNVKfq1a7zEbplIOBHxU7kALPeobpH6oQ+UXBGzPMdpWfRmWleGmO6ZiY5Vy6:cSfq1QOBHxU7vLP7ZNvMdonfo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
UAP_SDK.dll

Files

UAP_SDK.dll
.dll windows:5 windows x86 arch:x86

a16434277ab49a9974469587b494f0d2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\project\application\14_UAP\03_WorkArea\client\src\Release\UAP_SDK.pdb

Imports

kernel32

SetLastError
GetLastError
CreateFileW
WriteFile
CloseHandle
DeleteFileW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
FlushFileBuffers
MoveFileExW
GetFileSizeEx
SetFilePointerEx
SetEndOfFile
InitializeCriticalSectionAndSpinCount
CreateThread
InterlockedExchange
Sleep
ReadFile
WideCharToMultiByte
MultiByteToWideChar
GetFileSize
SetFilePointer
InterlockedExchangeAdd
InterlockedIncrement
InterlockedDecrement
GetPrivateProfileStringW
GetPrivateProfileIntW
RaiseException
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetLocaleInfoW
LoadLibraryA
GetConsoleMode
GetConsoleCP
GetModuleHandleA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetTimeZoneInformation
GetACP
GetOEMCP
IsValidCodePage
GetStdHandle
GetModuleFileNameA
ExitProcess
HeapCreate
VirtualFree
VirtualAlloc
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
CreateFileA

user32

KillTimer
SetTimer

shlwapi

PathFileExistsW
StrCpyW

winhttp

WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpOpenRequest
WinHttpConnect
WinHttpOpen
WinHttpReadData
WinHttpSetOption
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpQueryOption
WinHttpSendRequest

Exports

Exports

uapCleanup
uapCloseHandle
uapCookieLogin
uapCookieLoginStart
uapCookieLoginStop
uapCreateSession
uapDecodeJson
uapDecodeJsonW
uapDownload
uapDownloadClear
uapDownloadCreate
uapDownloadGetInfo
uapDownloadStart
uapDownloadStop
uapGetSessionID
uapGetTicket
uapGetUserID
uapHttpReqAsynCall
uapHttpReqAsynGetRtn
uapHttpReqAsynInit
uapHttpReqAsynStop
uapHttpReqCreate
uapHttpReqGetInfo
uapHttpReqStart
uapHttpReqStop
uapHttpReqSyn
uapHttpReqSynEx
uapImgUploadCreate
uapImgUploadInfo
uapImgUploadStart
uapImgUploadStop
uapIsLog
uapLoadCfg
uapLogin
uapLoginStart
uapLoginStop
uapLogout
uapLogoutStart
uapLogoutStop
uapModifyAvator
uapOpenApiAsynCall
uapOpenApiAsynGetRtn
uapOpenApiAsynInit
uapOpenApiAsynStop
uapOpenApiSyn
uapRegister
uapRegisterStart
uapRegisterStop
uapReleaseBuffer
uapSessionHttpInfo
uapSetLogin
uapSetLogout
uapStartup
uapTicketLogin
uapTicketLoginStart
uapTicketLoginStop

Sections

.text
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a16434277ab49a9974469587b494f0d2

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

shlwapi

winhttp

Exports

Exports

Sections

.text Size: 200KB - Virtual size: 200KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 200KB - Virtual size: 200KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 13KB - Virtual size: 12KB