| File Path | Type and Hashes |
|---|
| Match Rules |
|---|
| File Name: | mTokenCryptoDrv.dll |
| File Type: | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
| SHA1: | 07121dbbbef365a95c173c420568bd881db72373 |
| MD5: | 4eb4cb83ac9389acf25af9e6e3b92fa2 |
| First Seen Date: | 2017-01-27 15:10:41.850458 ( ) |
| Number of Clients Seen: | 3 |
| Last Analysis Date: | 2017-01-31 20:43:42.414734 ( ) |
| Human Expert Analysis Date: | 2017-02-03 19:48:44.913583 ( ) |
| Human Expert Analysis Result: | Clean |
| Property | Value |
|---|---|
| number of sections | 5 |
| compilation time stamp | 0x5819F217 [Wed Nov 2 14:03:03 2016 UTC] |
| LegalCopyright | Copyright (C) 2012 |
| InternalName | MiniDriver |
| FileVersion | 2, 0, 15, 1102 |
| CompanyName | Century Longmai Technology Co. Ltd |
| ProductName | mToken MiniDrv |
| ProductVersion | 2, 0, 0, 0 |
| FileDescription | mToken MiniDrv |
| OriginalFilename | mToken MiniDrv |
| Translation | 0x0409 0x04b0 |
| entry point | 0x1000e5ff (.text) |
| machine type | Intel 386 or later - 32Bit |
| file size | 145912 |
| sha256 | 8afb8384609dea214e2d5883e2b21f81b3fa108ce0d2b9e28847b1e561b1a5bf |
| mime type | application/x-dosexec |
| Name | Virtual Address | Virtual Size | Raw Size | Entropy | MD5 |
|---|---|---|---|---|---|
| .text | 0x1000 | 0x171af | 0x17200 | 6.658378 | - |
| .rdata | 0x19000 | 0x4d10 | 0x4e00 | 5.443683 | - |
| .data | 0x1e000 | 0x319c | 0x1600 | 2.452229 | - |
| .rsrc | 0x22000 | 0x818 | 0xa00 | 4.355126 | - |
| .reloc | 0x23000 | 0x1ba4 | 0x1c00 | 4.389373 | - |
-
WinSCard.dll
- SCardStatusW
- SCardListCardsW
- SCardReleaseContext
- SCardListReadersW
- SCardCancel
- SCardFreeMemory
- SCardEstablishContext
- SCardGetStatusChangeW
-
CRYPT32.dll
- CertDeleteCertificateFromStore
- CertDuplicateCertificateContext
- CertEnumCertificatesInStore
- CertGetCertificateContextProperty
- CertCloseStore
- CertOpenStore
-
mTokenCryptoID.dll
- mToken_SelectEFById
- mToken_SelectParentDF
- mToken_ReadBinaryName
- mToken_SelectDFByPathFromMF
- mToken_SelectDFByName
- mToken_DeleteFileByName
- mToken_DeviceAuth
- mToken_DRBGGenRandom
- mToken_ChangePin
- mToken_GetChallenge
- mToken_UnblockPin
- mToken_ClearSecureState
- mToken_VerifyPin
- mToken_UpdateBinaryName
- mToken_CreateDF
- mToken_SetupSecureMessageChannel
- mToken_AsymGenKeypair
- mToken_AsymExportPub
- mToken_KASSessionKey
- mToken_GetData
- mToken_DeleteFileById
- mToken_AsymImportPub
- mToken_UseSecureChannel
- mToken_SoftAESKeyWrap
- mToken_UpdateDevHandle
- mToken_AsymPrivateDecryption
- mToken_AsymSign
- mToken_AsymWrapImportPri
- mToken_CreateEF
- mToken_AddDevHandle
- mToken_RemoveDevice
- mToken_SelectEFByName
-
KERNEL32.dll
- TlsGetValue
- TlsAlloc
- TlsSetValue
- TlsFree
- SetLastError
- IsValidCodePage
- WaitForSingleObject
- SetEvent
- TerminateThread
- lstrlenW
- GetExitCodeThread
- CloseHandle
- CreateThread
- DisableThreadLibraryCalls
- LocalAlloc
- GetModuleFileNameA
- WTSGetActiveConsoleSessionId
- LocalFree
- GetCurrentThreadId
- GetCurrentProcessId
- WideCharToMultiByte
- GetVersionExW
- MultiByteToWideChar
- GetOEMCP
- GetACP
- InterlockedDecrement
- InterlockedIncrement
- GetCPInfo
- HeapSize
- CreateEventW
- GetStdHandle
- WriteFile
- FlushFileBuffers
- SetStdHandle
- WriteConsoleW
- GetConsoleOutputCP
- WriteConsoleA
- CreateFileA
- SetFilePointer
- GetLocaleInfoA
- GetStringTypeW
- GetStringTypeA
- LoadLibraryA
- InitializeCriticalSectionAndSpinCount
- GetTickCount
- QueryPerformanceCounter
- GetEnvironmentStringsW
- FreeEnvironmentStringsW
- GetEnvironmentStrings
- FreeEnvironmentStringsA
- LCMapStringW
- LCMapStringA
- GetConsoleMode
- GetConsoleCP
- GetStartupInfoA
- ExitProcess
- GetFileType
- SetHandleCount
- RtlUnwind
- GetLastError
- HeapFree
- HeapAlloc
- GetSystemTimeAsFileTime
- GetCommandLineA
- TerminateProcess
- GetCurrentProcess
- UnhandledExceptionFilter
- SetUnhandledExceptionFilter
- IsDebuggerPresent
- HeapCreate
- HeapDestroy
- VirtualFree
- DeleteCriticalSection
- LeaveCriticalSection
- EnterCriticalSection
- VirtualAlloc
- HeapReAlloc
- GetModuleHandleW
- Sleep
- GetProcAddress
- RaiseException
-
USER32.dll
- LoadStringW
- IsWindow
- FindWindowW
- SendMessageW
-
ADVAPI32.dll
- ImpersonateLoggedOnUser
- RevertToSelf
-
WTSAPI32.dll
- WTSQueryUserToken
CardAcquireContext
CardAuthenticateChallenge
CardAuthenticateEx
CardAuthenticatePin
CardChangeAuthenticator
CardChangeAuthenticatorEx
CardConstructDHAgreement
CardCreateContainer
CardCreateDirectory
CardCreateFile
CardDeauthenticate
CardDeauthenticateEx
CardDeleteContainer
CardDeleteContext
CardDeleteDirectory
CardDeleteFile
CardDeriveKey
CardDestroyDHAgreement
CardEnumFiles
CardGetChallenge
CardGetChallengeEx
CardGetContainerInfo
CardGetContainerProperty
CardGetFileInfo
CardGetProperty
CardQueryCapabilities
CardQueryFreeSpace
CardQueryKeySizes
CardRSADecrypt
CardReadFile
CardSetContainerProperty
CardSetProperty
CardSignData
CardUnblockPin
CardWriteFile
RT_STRING
RT_VERSION
RT_MANIFEST