3fb697f00674cfafac8933f43c6f0fa0_dll32_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

3fb697f00674cfafac8933f43c6f0fa0_dll32_JC.dll
Size

40KB
MD5

3fb697f00674cfafac8933f43c6f0fa0
SHA1

4b5d11b2e6a9b934128b9bec85a7d668187cf83a
SHA256

2081ef5fda7aa746d5bf7f0a2542a02a78932041c6984a83ceaf841d5ea2abfd
SHA512

727fbebeb7399b31596df7de0dd2f38105ab30961f77753db38c5e0edd8bc7aa9b9228a460b6442611f5f198ef78d13a9f36101e64b394c1263fabd0022ca100
SSDEEP

768:4NaTQkr5Gro/3mxqfWgJ3dGRKcYQzZ3OaPDIo:4NaTQwAro/3mxqegJ3dGRKDQtePo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fb697f00674cfafac8933f43c6f0fa0_dll32_JC.dll

Files

3fb697f00674cfafac8933f43c6f0fa0_dll32_JC.dll
.dll windows:4 windows x86

7ad7109c80c3ac031a9ca658814e6f2b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

rpcrt4

NdrProxyInitialize
NdrStubInitialize
NdrStubGetBuffer
NdrProxyGetBuffer
RpcRaiseException
NdrSimpleStructBufferSize
NdrConvert
NdrSimpleStructMarshall
NdrProxySendReceive
NdrClearOutParameters
NdrSimpleStructUnmarshall
NdrProxyFreeBuffer
IUnknown_AddRef_Proxy
NdrProxyErrorHandler
IUnknown_QueryInterface_Proxy
CStdStubBuffer_AddRef
IUnknown_Release_Proxy
CStdStubBuffer_QueryInterface
CStdStubBuffer_Invoke
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
NdrOleFree
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
NdrDllGetClassObject
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow

kernel32

TlsFree
GetStringTypeW
GetStringTypeA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetProcAddress
LoadLibraryA
VirtualAlloc
GetOEMCP
HeapReAlloc
GetCPInfo
GetACP
LeaveCriticalSection
HeapAlloc
InitializeCriticalSection
WriteFile
EnterCriticalSection
VirtualFree
HeapCreate
HeapFree
GetEnvironmentStringsW
GetEnvironmentStrings
HeapDestroy
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RtlUnwind
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetHandleCount
WideCharToMultiByte
TlsGetValue
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
GetProxyDllInfo

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7ad7109c80c3ac031a9ca658814e6f2b

Headers

File Characteristics

Imports

rpcrt4

kernel32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.orpc Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.orpc
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 1KB