ad0bb5631f262607117452aee44ba2dd9d74a9c414a849212f05ce62e7af0766_JC[.]dll | Triage

Sharing

General

Target

ad0bb5631f262607117452aee44ba2dd9d74a9c414a849212f05ce62e7af0766_JC.dll
Size

523KB
MD5

db00d1061a8b3aab60fc407cd304ab06
SHA1

915cefc8777cfc34208e27e62c6bab81d695bdd1
SHA256

ad0bb5631f262607117452aee44ba2dd9d74a9c414a849212f05ce62e7af0766
SHA512

3f0401dad893fea89b52cb0e17f22bafb76af0d78a298d834b23d018138eedc9dc9c7aae500538ef43751f067e25735b9c93ed33d4a47690bdd480c4883a16ef
SSDEEP

6144:roeIyfEl6FSWGCgjrlGsAU36UECrD1bCGWnmDAasnVI9xfyPYzBrD1bCGWnmDm:rK7D0GW6xf3D0GWR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad0bb5631f262607117452aee44ba2dd9d74a9c414a849212f05ce62e7af0766_JC.dll

Files

ad0bb5631f262607117452aee44ba2dd9d74a9c414a849212f05ce62e7af0766_JC.dll
.dll windows:5 windows x86

63bc622ddbb364868c646ebb5f982ffe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
LocalAlloc
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

Compress
CreateCompression
CreateDecompression
DeInitCompression
DeInitDecompression
Decompress
DestroyCompression
DestroyDecompression
InitCompression
InitDecompression
ResetCompression
ResetDecompression

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ