1a0115915371f50f855b44b31f3bda9db3a0ce9f8a438d56b0125fc3dad3e458_JC[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

1a0115915371f50f855b44b31f3bda9db3a0ce9f8a438d56b0125fc3dad3e458_JC.dll
Size

88KB
MD5

8545a5dfbcc4bf31a2099c2494c88c27
SHA1

1f9c6f8563e52c558c6878e0eb9cc9cea82209da
SHA256

1a0115915371f50f855b44b31f3bda9db3a0ce9f8a438d56b0125fc3dad3e458
SHA512

4db4e53c597a87648c6421961ef9e6cb5e2ce6a14c797ca980d3d8623eaacb72f024b7e306caff7ba7fb34247895085aa5836c0590bcbce424225f1676a9d72d
SSDEEP

1536:DN/SnqpFxn09e2LFUQKsKLjxkflHlX8/S0ElsWeWcd+WoLC6W9hCbW:B6GFxnA1LFFOLjKE/Lv+WoLCpsbW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a0115915371f50f855b44b31f3bda9db3a0ce9f8a438d56b0125fc3dad3e458_JC.dll

Files

1a0115915371f50f855b44b31f3bda9db3a0ce9f8a438d56b0125fc3dad3e458_JC.dll
.dll windows x86

9de2c5f4e7412eda6daeaef638405b83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileW
SetFilePointerEx
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetStdHandle
GetProcessHeap
CloseHandle
VirtualFree
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
WriteConsoleW
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleExW
VirtualAlloc
TerminateJobObject
GetCommConfig
FindNextFileW
FindFirstFileExW
FindClose
HeapFree
GetFileType
WritePrivateProfileStringW
HeapAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
ExitProcess
GetModuleFileNameW
DecodePointer

loadperf

UnloadPerfCounterTextStringsA
LoadPerfCounterTextStringsW
UnloadPerfCounterTextStringsW

odbc32

ord108
ord207
ord152
ord236
ord211
PostODBCComponentError

urlmon

URLDownloadA
CoInternetCompareUrl
UrlMkGetSessionOption
HlinkGoBack

setupapi

SetupFindNextMatchLineW
SetupDiSetDeviceRegistryPropertyA
SetupCloseInfFile
SetupDiGetHwProfileFriendlyNameExW
SetupRenameErrorW
SetupRemoveInstallSectionFromDiskSpaceListW
SetupDeleteErrorW
SetupAddToDiskSpaceListW

ole32

HMETAFILEPICT_UserUnmarshal
OleConvertIStorageToOLESTREAM
HMETAFILE_UserSize
StringFromIID
CLSIDFromProgID

rtutils

TraceDumpExA
RouterLogRegisterA
LogEventW
TracePutsExW
TracePrintfExW
TraceRegisterExW

crypt32

CryptDecodeObject
CertSetCTLContextProperty
CertGetIssuerCertificateFromStore
CryptSetOIDFunctionValue
CertFindCTLInStore
CryptHashPublicKeyInfo

avifil32

AVIStreamRead
EditStreamSetName

avicap32

capCreateCaptureWindowW
videoThunk32

msvfw32

ICRemove
ICCompress
ICSendMessage
ICSeqCompressFrameEnd

Exports

Exports

HvTkcoed

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9de2c5f4e7412eda6daeaef638405b83

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

loadperf

odbc32

urlmon

setupapi

ole32

rtutils

crypt32

avifil32

avicap32

msvfw32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 3KB