27c697b130c816b682bd8329d344371768a95d276d3d9621051f926f77a3315adll_JC[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

27c697b130c816b682bd8329d344371768a95d276d3d9621051f926f77a3315adll_JC.dll
Size

139KB
MD5

acf3e365488622b93250b943f9d34d3f
SHA1

7bb20829d91fc306e85a7e74d11b786ab0637b5d
SHA256

27c697b130c816b682bd8329d344371768a95d276d3d9621051f926f77a3315a
SHA512

905b425fa07c4294909da0b8a88e7176624ef80816d8616535d33549169d48e8d069bd47ee5e6ffac4f89530c9e7f7572f57ac81c36828d5df0b52d624eb88ae
SSDEEP

3072:4X8/ge5Y6VcCT7CChRg85AC/2lOfn/KQgZDzWriWT:4r6VbCCX5ZCOv/E6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
27c697b130c816b682bd8329d344371768a95d276d3d9621051f926f77a3315adll_JC.dll

Files

27c697b130c816b682bd8329d344371768a95d276d3d9621051f926f77a3315adll_JC.dll
.dll windows x86

06c8235e435697fe218c2f6ef306550c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

GetMenuPosFromID
SHSetValueA
PathGetDriveNumberW
SHEnumKeyExA
PathSkipRootW
PathFindFileNameA
PathCompactPathW

kernel32

GetModuleHandleW
WriteConsoleW
CloseHandle
CreateFileW
SetFilePointerEx
InitializeCriticalSection
VirtualAlloc
lstrlenW
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapAlloc
HeapFree
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
RaiseException
EncodePointer
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
DecodePointer
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue

mpr

WNetGetResourceParentW
WNetGetConnectionW
MultinetGetConnectionPerformanceA
WNetAddConnection2W
WNetGetConnectionA
WNetDisconnectDialog1W
WNetCancelConnection2W
WNetAddConnection2A

pdh

PdhEnumMachinesA
PdhVbGetDoubleCounterValue
PdhGetDllVersion
PdhParseCounterPathA
PdhVbGetCounterPathElements
PdhMakeCounterPathA
PdhVbOpenQuery

mapi32

ord178
ord46
ord80
ord30
ord193
ord198
ord131

mswsock

GetTypeByNameA
EnumProtocolsA
GetServiceW
TransmitFile
NPLoadNameSpaces
dn_expand
rresvport
rexec

msacm32

acmFormatTagDetailsW
acmDriverPriority
acmFilterChooseA
acmFilterTagEnumW
acmStreamClose
acmFilterEnumW
acmFilterChooseW

resutils

ResUtilEnumResources
ResUtilSetSzValue
ResUtilGetMultiSzProperty
ResUtilGetResourceDependency
ResUtilEnumProperties

Exports

Exports

HvTkcoed

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06c8235e435697fe218c2f6ef306550c

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

mpr

pdh

mapi32

mswsock

msacm32

resutils

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 4KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 480B