SCardDlg[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

SCardDlg.dll
Size

65KB
MD5

04fa7ed8cf87d56774df45e92ee63205
SHA1

377f74d1a116d0ac691829c31477d0158812c01c
SHA256

8583fe43ce67803216b8a7cc9536d0c71f4f34f04db7bc8d46c2a55b1d7b257b
SHA512

c7d9503aab084e428d986e304de6a99bf74829592d3bbbc412dd05cfe5723d08474c1aa7c5c81c905f0e127b6d363aa94f48bc566312ecaafcf170bd69b978a2
SSDEEP

768:RbIX8PDQHkVOwNK0EShTS2iuy4JwH/XJlTCNtnF1q//m7yOEGAG7ggmCkpSbT+qG:SX5HkVOwhpyrJlKnFw3Iz8SHxG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SCardDlg.dll

Files

SCardDlg.dll
.dll windows:10 windows x86 arch:x86

93505785043cbe6ea1ca39e14b269cd0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

SCardDlg.pdb

Imports

mfc42u

ord772
ord5856
ord6138
ord6928
ord4621
ord4073
ord4401
ord5237
ord2377
ord5157
ord6370
ord4347
ord3793
ord4831
ord4435
ord2640
ord2047
ord6372
ord3744
ord5059
ord1720
ord5257
ord2438
ord2116
ord5273
ord5261
ord6048
ord1767
ord4419
ord5276
ord641
ord4370
ord4847
ord4992
ord4704
ord2506
ord324
ord3592
ord2977
ord3142
ord3254
ord4459
ord3131
ord3257
ord2980
ord3076
ord2971
ord3825
ord3826
ord3820
ord3074
ord4075
ord4229
ord4269
ord2388
ord3341
ord5296
ord4074
ord5303
ord5285
ord815
ord5298
ord4692
ord5710
ord2717
ord6371
ord4480
ord2546
ord2504
ord5727
ord3917
ord1089
ord5193
ord2606
ord3733
ord818
ord2455
ord1644
ord567
ord2809
ord940
ord942
ord537
ord6466
ord4616
ord4418
ord3397
ord6051
ord1768
ord5286
ord6451
ord5977
ord6195
ord3087
ord6238
ord2859
ord4155
ord6278
ord858
ord656
ord3605
ord686
ord2400
ord2445
ord2857
ord2088
ord384
ord2294
ord3365
ord4396
ord693
ord2574
ord3281
ord6896
ord3635
ord1165
ord4270
ord543
ord4219
ord2634
ord6211
ord6193
ord3133
ord2078
ord5568
ord2910
ord860
ord4390
ord609
ord2567
ord3569
ord500
ord3696
ord1143
ord826
ord269
ord600
ord1240
ord1571
ord1250
ord1568
ord1570
ord342
ord1179
ord1248
ord1115
ord1194
ord1563
ord861
ord800
ord540
ord803
ord3579
ord561
ord1105

msvcrt

free
_XcptFilter
_amsg_exit
_callnewh
malloc
_initterm
__CxxFrameHandler3
_except_handler4_common
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UAE@XZ
memcpy
_CxxThrowException
memset

api-ms-win-core-synch-l1-1-0

InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection

api-ms-win-core-processthreads-l1-1-0

ResumeThread
TerminateThread
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
TerminateProcess

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-localization-l1-2-0

GetACP

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

kernel32

lstrlenW
lstrlenA

cfgmgr32

CMP_WaitNoPendingInstallEvents

user32

GetParent
GetWindowRect
LoadIconW
EnableWindow
PostMessageW
SetWindowContextHelpId
SetForegroundWindow
SendMessageW
ScreenToClient
WinHelpW

winscard

SCardLocateCardsA
SCardDisconnect
SCardLocateCardsW
SCardListReadersA
SCardListCardsA
SCardFreeMemory
SCardEstablishContext
SCardReleaseContext
SCardCancel
SCardConnectA
SCardListCardsW
SCardGetStatusChangeW
SCardListReadersW
SCardConnectW
SCardGetStatusChangeA

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

GetOpenCardNameA
GetOpenCardNameW
SCardDlgExtendedError
SCardUIDlgSelectCardA
SCardUIDlgSelectCardW

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93505785043cbe6ea1ca39e14b269cd0

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc42u

msvcrt

api-ms-win-core-synch-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

kernel32

cfgmgr32

user32

winscard

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 29KB

.data Size: 1024B - Virtual size: 9KB

.idata Size: 4KB - Virtual size: 4KB

.didat Size: 512B - Virtual size: 8B

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 29KB - Virtual size: 29KB

.data
Size: 1024B - Virtual size: 9KB

.idata
Size: 4KB - Virtual size: 4KB

.didat
Size: 512B - Virtual size: 8B

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 3KB - Virtual size: 2KB