api-ms-win-security-base-private-l1-1-1[.]dll | Triage

Sharing

General

Target

api-ms-win-security-base-private-l1-1-1.dll
Size

2KB
MD5

322febab4599a5c6073bc88663d7e619
SHA1

8cefd25c07b53f4e373d8b365efc91d97b1687d4
SHA256

7c95e0cb3703f104e6d0dbe4fa85781bcc8f6c599dd82a4d955ae08256256ad8
SHA512

9ca7b4771f8c447a88b333b35fa2df0dcb637f58727e29d4b3d9d82168eae5987c73a9f87f7d9c0e77b6d62c808333ffe90014d02b91cbf44dd26175941a65db

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
api-ms-win-security-base-private-l1-1-1.dll

Files

api-ms-win-security-base-private-l1-1-1.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

api-ms-win-security-base-private-l1-1-1.pdb

Exports

Exports

CreateAppContainerToken
IsValidRelativeSecurityDescriptor
MakeAbsoluteSD2

Sections

.text
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ