api-ms-win-downlevel-shlwapi-l2-1-1[.]dll

General

Target

api-ms-win-downlevel-shlwapi-l2-1-1.dll
Size

4KB
MD5

3e12babe10e1c84a80e0ab9d4d7edbb7
SHA1

aa7624a84bf7a98e7a8a68439935a274a6858d76
SHA256

e5be4eb7296b26ee613afff65b910a1c46fd756df6218246ec751ecaba249cbe
SHA512

c9ae8d02bc838d9eecb2a7ee22fe345165986803f19086b5f68591d7892d01f2cc704eaca57919005708fa5af081e4f7f4cbc78caf676a1e70c9ef6cde4b9996

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
api-ms-win-downlevel-shlwapi-l2-1-1.dll

Files

api-ms-win-downlevel-shlwapi-l2-1-1.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-downlevel-shlwapi-l2-1-1.pdb

Exports

Exports

IStream_Copy
IStream_Read
IStream_ReadStr
IStream_Reset
IStream_Size
IStream_Write
IStream_WriteStr
IUnknown_AtomicRelease
IUnknown_GetSite
IUnknown_QueryService
IUnknown_Set
IUnknown_SetSite
IsOS
SHAnsiToAnsi
SHAnsiToUnicode
SHCopyKeyA
SHCopyKeyW
SHCreateMemStream
SHCreateStreamOnFileA
SHCreateStreamOnFileEx
SHCreateStreamOnFileW
SHCreateThread
SHCreateThreadRef
SHCreateThreadWithHandle
SHDeleteEmptyKeyA
SHDeleteEmptyKeyW
SHDeleteKeyA
SHDeleteKeyW
SHDeleteValueA
SHDeleteValueW
SHEnumKeyExA
SHEnumKeyExW
SHEnumValueA
SHEnumValueW
SHGetThreadRef
SHGetValueA
SHGetValueW
SHOpenRegStream2A
SHOpenRegStream2W
SHOpenRegStreamA
SHOpenRegStreamW
SHQueryInfoKeyA
SHQueryInfoKeyW
SHQueryValueExA
SHQueryValueExW
SHRegDuplicateHKey
SHRegGetIntW
SHRegGetPathA
SHRegGetPathW
SHRegGetValueA
SHRegGetValueW
SHRegSetPathA
SHRegSetPathW
SHReleaseThreadRef
SHSetThreadRef
SHSetValueA
SHSetValueW
SHStrDupA
SHStrDupW
SHUnicodeToAnsi
SHUnicodeToUnicode

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1008B

.text
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1008B