66e6b0d7ae1fdece58b2cf743c51fa60_dll32_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

66e6b0d7ae1fdece58b2cf743c51fa60_dll32_JC.dll
Size

244KB
MD5

66e6b0d7ae1fdece58b2cf743c51fa60
SHA1

aa79884b786dbf553fd282c9d9649a4469ae75af
SHA256

95016e7ccba15d01f151710109727dfabe986047197c4a87d366f43bf62164ba
SHA512

475537857c08026118fc5e094252906a730411eb220c4c4055b7dd00d7a5e526af6c69774f7844a31c0124238a7e40fc6eb4859c6b21e6d57f2460c2ac0cae6c
SSDEEP

3072:GL6OC29H+irJq+oIQ/gYCwdWeyV6LKzWaS6K6jh0tS/Dp+7hPqr/VcC8X/8IUwsw:0qsYDd1L4pieEDXLpQ+x/xnj/UVjdH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e6b0d7ae1fdece58b2cf743c51fa60_dll32_JC.dll

Files

66e6b0d7ae1fdece58b2cf743c51fa60_dll32_JC.dll
.dll windows:4 windows x86

960dbb201c4cb9b09c4994a949a092b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentThreadId
GetTempPathW
ReadFile
WriteFile
SetFileAttributesW
GetFileAttributesW
Sleep
SetFilePointer
LeaveCriticalSection
EnterCriticalSection
DeleteFileW
GetSystemDirectoryW
GetWindowsDirectoryW
InitializeCriticalSection
OutputDebugStringA
VirtualAlloc
VirtualFree
OpenMutexA
MulDiv
WriteProcessMemory
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CreateMutexA
GetModuleFileNameA
CreateFileW
CopyFileW
MoveFileExW
OutputDebugStringW
CreateDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
CreateFileA
Process32Next
Process32First
CreateToolhelp32Snapshot
TerminateProcess
FindClose
FindFirstFileA
FindFirstFileW
GetTempPathA
GetFileAttributesA
GetTickCount
GetSystemTime
GetEnvironmentVariableA
VirtualAllocEx
GetShortPathNameW
GetPrivateProfileStringA
CreateProcessW
VirtualProtectEx
CreateProcessA
ResumeThread
ReadProcessMemory
VirtualQueryEx
InterlockedExchange
SetEndOfFile
GetOEMCP
GetACP
FlushFileBuffers
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
RaiseException
IsBadWritePtr
HeapCreate
HeapDestroy
GetVersionExA
GetStartupInfoA
GetFileSize
SetFileTime
GetFileTime
QueryDosDeviceW
GetModuleHandleA
GetCurrentProcess
VirtualProtect
FlushInstructionCache
CreateThread
GetLastError
SetLastError
MultiByteToWideChar
WideCharToMultiByte
GlobalFree
GlobalFlags
CloseHandle
FreeLibrary
GetCurrentProcessId
OpenProcess
LoadLibraryA
GetProcAddress
GetStdHandle
SetHandleCount
GetFileType
SetStdHandle
LCMapStringW
LCMapStringA
DeleteCriticalSection
TlsGetValue
TlsFree
TlsAlloc
TlsSetValue
HeapSize
GetVersion
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
ExitProcess
InterlockedIncrement
InterlockedDecrement
RtlUnwind

user32

DrawTextA
SendMessageA
MessageBoxA
WindowFromPoint
GetCursorPos
WindowFromDC
GetSystemMetrics
GetWindowThreadProcessId
MessageBoxW
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
OpenClipboard
EmptyClipboard
CloseClipboard
PeekMessageA
TranslateMessage
DispatchMessageA
GetDesktopWindow

gdi32

CreateFontA
SelectObject
SetTextAlign
TextOutA
DeleteObject
GetStockObject
SetBkColor
SetTextColor
SetBkMode
GetDeviceCaps

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

ProgIDFromCLSID
CoTaskMemFree
DoDragDrop

ws2_32

__WSAFDIsSet
WSAGetLastError
select
closesocket
htons
gethostbyname
inet_addr
socket
recv
send
getsockopt
ntohs
inet_ntoa

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

psapi

EnumProcessModules
GetModuleFileNameExA

Exports

Exports

StartHook
StopHook

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

960dbb201c4cb9b09c4994a949a092b5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

ws2_32

version

psapi

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 172KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 20KB - Virtual size: 116KB

Shared Size: 8KB - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 176KB - Virtual size: 172KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 20KB - Virtual size: 116KB

Shared
Size: 8KB - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 13KB