799c86e8eb6ae575e0155af1464223ad54b08a1f02c7310f93bc9ecac53d9374dll_JC[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

799c86e8eb6ae575e0155af1464223ad54b08a1f02c7310f93bc9ecac53d9374dll_JC.dll
Size

780KB
MD5

6becd620af76084bfdfccec627622d3d
SHA1

d7130c71ddd16b9b095ee11417d492654a78ded5
SHA256

799c86e8eb6ae575e0155af1464223ad54b08a1f02c7310f93bc9ecac53d9374
SHA512

aa3aa974080607e18e1cf993bca30a28878fdba335eb3686369c79ff0ec4ab2a632d7ca68a5974e78fad5a8bbaae31efca565aeca46b271e86052957f016e6d5
SSDEEP

12288:A53Gdcktn8UV5aAvPCJv/7eDUbG5LRmMSoJqCSml+tlMTX5Udz0un3rg8F8qA706:83wtnDV5XPieWkJcmlIlMTSddgGvAL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
799c86e8eb6ae575e0155af1464223ad54b08a1f02c7310f93bc9ecac53d9374dll_JC.dll

Files

799c86e8eb6ae575e0155af1464223ad54b08a1f02c7310f93bc9ecac53d9374dll_JC.dll
.dll windows x86

8dc57218301eab0a899a12ef50accd97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

memset
mbstowcs
memcpy
_aulldvrm
_snwprintf
RtlNtStatusToDosError
memmove
strncmp
memcmp
strcmp
_aullrem
_allshl
_allrem
_allmul
_alldiv
_aullshr
_alldvrm
_aulldiv

shlwapi

StrChrA
StrCmpNA
StrStrIA
StrChrW
StrStrW
PathCombineW
StrStrA
PathFindFileNameW

crypt32

CryptUnprotectData
CryptStringToBinaryA

kernel32

CreateEventA
HeapDestroy
HeapCreate
GetLastError
CloseHandle
CreateThread
SwitchToThread
FindFirstFileW
lstrlenA
GetCurrentDirectoryW
FindClose
SetCurrentDirectoryW
FindNextFileW
lstrcpyW
WaitForSingleObject
LocalFree
WideCharToMultiByte
MultiByteToWideChar
ExpandEnvironmentStringsW
OpenProcess
TerminateProcess
Sleep
Process32FirstW
Process32NextW
lstrcmpiW
CreateToolhelp32Snapshot
GetFileSize
FreeLibrary
LoadLibraryW
LeaveCriticalSection
GetFileAttributesA
GetFileAttributesW
ReadFile
CreateFileW
GetProcAddress
EnterCriticalSection
LoadLibraryA
AreFileApisANSI
GetSystemTime
GetTempPathA
InterlockedIncrement
HeapAlloc
lstrlenW
SetEvent
HeapFree
SetLastError
GetCurrentProcessId
DeleteFileW
GetVersionExA
OutputDebugStringA
DeleteCriticalSection
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
DeleteFileA
CreateFileMappingA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetTempPathW
FlushFileBuffers
HeapValidate
GetVersionExW
FormatMessageW
InitializeCriticalSection
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
UnlockFile
InterlockedDecrement
LocalAlloc
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
SystemTimeToFileTime
QueryPerformanceCounter
InterlockedCompareExchange

ole32

CreateStreamOnHGlobal

Exports

Exports

PluginRegisterCallbacks

Sections

.text
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dc57218301eab0a899a12ef50accd97

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

shlwapi

crypt32

kernel32

ole32

Exports

Exports

Sections

.text Size: 281KB - Virtual size: 280KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 4KB - Virtual size: 5KB

.bss0 Size: 2KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 281KB - Virtual size: 280KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 4KB - Virtual size: 5KB

.bss0
Size: 2KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB