78fb8beb8a9ed09e2ce5a8799634a270_dll32_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

78fb8beb8a9ed09e2ce5a8799634a270_dll32_JC.dll
Size

309KB
MD5

78fb8beb8a9ed09e2ce5a8799634a270
SHA1

94741483988a999cb3bf1b8dc2461733301e7921
SHA256

20f0f8e3b58a92c27349c586ec2861e1b785baa44b884a5730d0aea5f14f5701
SHA512

07943e6981441e1d0350a996ca5188f4be1508e0736e13c03750b27241880a61b458d4e080786c47b9d39ef5e8fd0555eda6ac84eae8e303b6d66e11ca7493b2
SSDEEP

6144:S6a35ppioQ86Hftl1qnenep0sZu5XNIlFDWh4L:S6a35Dp81qnea0sZu5XNS9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78fb8beb8a9ed09e2ce5a8799634a270_dll32_JC.dll

Files

78fb8beb8a9ed09e2ce5a8799634a270_dll32_JC.dll
.dll regsvr32 windows:5 windows x86

ed6b363d80b905ffbfae5e709dd49bcf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

kernel32

WriteFile
GetLocalTime
SetFilePointer
CreateFileW
GetFileAttributesW
ReleaseMutex
SetEvent
WaitForSingleObject
ResetEvent
MultiByteToWideChar
GetCurrentProcessId
TerminateThread
UnmapViewOfFile
GetLastError
MapViewOfFile
Sleep
ResumeThread
SetThreadPriority
CreateThread
CreateEventW
InterlockedExchange
CreateMutexW
OpenFileMappingW
WideCharToMultiByte
InterlockedIncrement
FreeLibrary
InterlockedDecrement
GetProcAddress
GetModuleHandleW
GetCurrentThreadId
CloseHandle
GetTickCount
GetVersionExW
lstrlenW
lstrlenA
GetModuleFileNameA
DisableThreadLibraryCalls
VirtualFree
GetCurrentProcess
VirtualAlloc
QueryPerformanceCounter
QueryPerformanceFrequency
CreateFileA
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetTimeZoneInformation
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
LoadLibraryA
TlsSetValue
TlsAlloc
TlsGetValue
ReadFile
GetConsoleMode
GetConsoleCP
SetStdHandle
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
RaiseException
GetModuleHandleA
GetStdHandle
HeapDestroy
HeapCreate
HeapSize
SetLastError
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
GetCommandLineA
GetSystemTimeAsFileTime
ExitProcess
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsFree

user32

wsprintfW
wvsprintfW

advapi32

RegSetValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteKeyW
RegCreateKeyW

ole32

CoInitialize
CoTaskMemAlloc
StringFromGUID2
CoFreeUnusedLibraries
CoCreateInstance
CoTaskMemFree
CoUninitialize

wsock32

bind
gethostname
WSAGetLastError
select
setsockopt
htons
connect
ntohs
send
closesocket
socket
inet_ntoa
__WSAFDIsSet
recvfrom
sendto
getsockname
ntohl
gethostbyname
htonl
ioctlsocket
inet_addr
WSACleanup
WSAStartup
getsockopt

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed6b363d80b905ffbfae5e709dd49bcf

Headers

File Characteristics

Imports

winmm

kernel32

user32

advapi32

ole32

wsock32

Exports

Exports

Sections

.text Size: 210KB - Virtual size: 210KB

.rdata Size: 50KB - Virtual size: 49KB

.data Size: 28KB - Virtual size: 39KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 19KB - Virtual size: 19KB

.text
Size: 210KB - Virtual size: 210KB

.rdata
Size: 50KB - Virtual size: 49KB

.data
Size: 28KB - Virtual size: 39KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 19KB - Virtual size: 19KB