7591d28292165defb371765c525f8d30_dll32_JC[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

7591d28292165defb371765c525f8d30_dll32_JC.dll
Size

2.3MB
MD5

7591d28292165defb371765c525f8d30
SHA1

556783ca33a3210f9d4fe60b7da985222d01a388
SHA256

081ae7e8945f7d6c7096f550ada6020faea3d489cb25f681f68d6489d9a9dd64
SHA512

500b410b091e87ce2e32b83472b058f886c4121d3f85fbfcbb55330a87c65f468cd34e6a5494e3b7c21d2e969bc12bff654452dad8856ee78b0b40e3dd91c9fd
SSDEEP

49152:8BhU/Je/kM18h+XoMZER3XGpsghGCYwuTb7bafY9OsL4BBxPV9C:+hUheMM18hMJZVjYwgbHXwO4BBJTC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7591d28292165defb371765c525f8d30_dll32_JC.dll

Files

7591d28292165defb371765c525f8d30_dll32_JC.dll
.dll windows:5 windows x86

4945537c894b01c16c91fd7c67d29896

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

clusapi

ClusterResourceControl

user32

PostQuitMessage
OpenWindowStationA
ShowWindow
GetUpdateRgn
SetActiveWindow
ReleaseCapture
ShowScrollBar
UnhookWindowsHookEx
SetCursorPos
CreateWindowExA

ws2_32

select
WSAGetLastError

winspool.drv

AddFormW

wintrust

CryptCATEnumerateCatAttr
CryptCATCDFEnumMembers

shlwapi

StrRChrIW

msvcrt

putc

version

GetFileVersionInfoW

oleaut32

GetErrorInfo
LoadTypeLibEx
GetRecordInfoFromGuids
SysAllocStringLen

psapi

GetModuleFileNameExA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo

kernel32

VirtualAlloc
WaitForSingleObject
GetProcessHeap
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InterlockedPushEntrySList
LocalAlloc
GetBinaryTypeW
GetModuleFileNameW
GetProcAddress
GetModuleHandleA
GetModuleHandleW
EnterCriticalSection
Process32FirstW
GetVersionExA
SetStdHandle

rasapi32

RasGetEapUserIdentityW

gdi32

CreateEnhMetaFileA
DeleteMetaFile
GetTextMetricsA

lz32

LZOpenFileA
GetExpandedNameW

ole32

HICON_UserSize

winmm

waveOutGetPosition
mciSendStringW

advapi32

SetFileSecurityA
RegCloseKey

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 892KB - Virtual size: 888KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4945537c894b01c16c91fd7c67d29896

Headers

DLL Characteristics

File Characteristics

Imports

clusapi

user32

ws2_32

winspool.drv

wintrust

shlwapi

msvcrt

version

oleaut32

psapi

setupapi

kernel32

rasapi32

gdi32

lz32

ole32

winmm

advapi32

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 56KB - Virtual size: 57KB

.qdata Size: 892KB - Virtual size: 888KB

DATA Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 56KB - Virtual size: 57KB

.qdata
Size: 892KB - Virtual size: 888KB

DATA
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 28KB - Virtual size: 27KB