StorageContextHandler[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

StorageContextHandler.dll
Size

59KB
MD5

c443536d9279b74a162e3c39a83cb226
SHA1

85f67b8b73d31b800bdc9449b9dac9a1a0d04f25
SHA256

68a4cc41c2607e4e46518d58bc479a27205df43e422859b7125ed85b4979fc78
SHA512

6d9642f8c8968ed8e235929d8793b38013e21569c432cf7f48a94a744d1cf394c19b6ce3b0f7ad62a5d5e6ac3df058c0845b0054e560ae2d780b1dc287c095c2
SSDEEP

1536:GgqAfK2sbqqDrJdimn+YqNgX8UKwwQr2mYUcNaVRfyX:wRqotAgTwQr2mYcR+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
StorageContextHandler.dll

Files

StorageContextHandler.dll
.dll regsvr32 windows:6 windows x86 arch:x86

d5991b0c95509d2b3875e262ac98e9d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

StorageContextHandler.pdb

Imports

msvcrt

_CxxThrowException
__CxxFrameHandler3
calloc
memset
_XcptFilter
_amsg_exit
_initterm
_lock
_unlock
__dllonexit
??3@YAXPAX@Z
_onexit
memmove_s
_purecall
_wcsupr
_vsnwprintf
??_U@YAPAXI@Z
memcpy_s
malloc
??2@YAPAXI@Z
wcscat_s
free
wcscpy_s
wcsncpy_s
??_V@YAXPAX@Z
??1type_info@@UAE@XZ
_errno
realloc
_except_handler4_common
_ftol2

advapi32

EventWrite
RegGetValueW
TraceMessage
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegCloseKey
EventUnregister
EventRegister
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegOpenKeyW

kernel32

GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
OutputDebugStringA
QueryPerformanceCounter
GetCurrentProcessId
Sleep
DisableThreadLibraryCalls
GetThreadLocale
SetThreadLocale
DeleteCriticalSection
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetLastError
GetModuleFileNameW
GetProcAddress
LoadLibraryExW
GetModuleHandleW
FreeLibrary
lstrcmpiW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceExW
CreateEventW
CloseHandle
LoadLibraryW
CompareStringOrdinal
ResetEvent
DeviceIoControl
WaitForSingleObject
GetOverlappedResult
CancelIo
GetTickCount64
GetDriveTypeW
CreateFileW
GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW
LockResource
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap

ole32

CoGetMalloc
PropVariantClear
CLSIDFromString
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2

oleaut32

VariantClear
VariantInit
VarUI4FromStr
SysAllocString

shell32

SHCreateItemInKnownFolder
SHGetIDListFromObject
ShellExecuteExW
ord100
SHCreateItemFromParsingName

shlwapi

ord219
ord199
ord158
SHStrDupW
ord172
ord256
ord176
PathGetDriveNumberW

user32

CharNextW
LoadStringW
UnregisterClassA

setupapi

SetupDiGetDeviceInterfaceDetailW
CM_Get_DevNode_Registry_Property_ExW
CM_Locate_DevNodeW
SetupDiGetDevicePropertyW
CM_Get_Parent_Ex
CM_Get_DevNode_Custom_PropertyW
SetupDiDestroyDeviceInfoList
SetupDiCreateDeviceInfoList
CM_Get_Device_IDW
SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiOpenDeviceInfoW
CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_ListW

cfgmgr32

DevGetObjects
DevFreeObjects

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d5991b0c95509d2b3875e262ac98e9d4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

advapi32

kernel32

ole32

oleaut32

shell32

shlwapi

user32

setupapi

cfgmgr32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 48KB

.data Size: 512B - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 3KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 48KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB