20f6cea250878561799604af766f0b90_dll32_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

20f6cea250878561799604af766f0b90_dll32_JC.dll
Size

128KB
MD5

20f6cea250878561799604af766f0b90
SHA1

045f4c465cb116e50668dc9e394b5515a66529da
SHA256

abe786f9ad297fe260f38fe9eacd169fdcc7ea5ff62467f8ce5dfaa6ba03f66a
SHA512

c087d74a879d5e70844e2056e1981d75c8d52460ab9eb0da18505c59bd036b0f3c87fd4d77a3b1025d30042c7269acf39f3ef70cdd5edafdbf69d99ad2254440
SSDEEP

1536:SmCC1w/Eppnwho5BrYMFl73HA9/GTKRzF+4LgW4Wmvm9JhgwokAO1CLtZ:SmCURppnwhWZfHShUWma/gwokAO6t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20f6cea250878561799604af766f0b90_dll32_JC.dll

Files

20f6cea250878561799604af766f0b90_dll32_JC.dll
.dll regsvr32 windows:4 windows x86

cd88a1dc9ae0375b4705357a5f5c0331

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
SetEnvironmentVariableA
CompareStringW
LeaveCriticalSection
EnterCriticalSection
LCMapStringW
LCMapStringA
ReadFile
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetFilePointer
CompareStringA
InitializeCriticalSection
DeleteCriticalSection
IsBadReadPtr
GetStringTypeW
GetStringTypeA
IsBadWritePtr
VirtualAlloc
GetCurrentProcess
FlushInstructionCache
MultiByteToWideChar
GetSystemDirectoryA
HeapDestroy
GetEnvironmentVariableA
GetModuleHandleA
GlobalUnlock
LoadLibraryA
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
WriteFile
CloseHandle
HeapSize
HeapReAlloc
TerminateProcess
ExitProcess
DisableThreadLibraryCalls
IsBadCodePtr
FlushFileBuffers
SetStdHandle
GetVersionExA
CreateThread
GetModuleFileNameA
FindFirstFileA
FileTimeToSystemTime
FindClose
InterlockedIncrement
InterlockedDecrement
ExitThread
lstrlenA
HeapAlloc
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetProcAddress
GetTempPathA
SetUnhandledExceptionFilter
OutputDebugStringA
lstrcmpA
GetThreadLocale
GetStringTypeExA
VirtualFree
DebugBreak
GetCurrentThreadId
HeapFree
RaiseException
GetVersion
GetCommandLineA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
LocalFree
GetLastError
GlobalLock
GetEnvironmentStringsW
WideCharToMultiByte
TerminateThread
HeapCreate
GetEnvironmentStrings

user32

EndDialog
IsWindowVisible
SetFocus
DefWindowProcA
SetWindowTextA
GetActiveWindow
DispatchMessageA
SendMessageA
CharNextA
LoadStringA
MessageBoxA
wsprintfA
SetWindowPos
MoveWindow
GetFocus
GetSubMenu
LoadMenuA
FindWindowExA
ScreenToClient
TrackPopupMenu
GetDlgItemTextA
GetWindow
GetWindowRect
SystemParametersInfoA
MapWindowPoints
GetParent
CheckDlgButton
SetDlgItemTextA
GetDlgItem
TranslateMessage
GetWindowTextA
SetWindowLongA
wvsprintfA
RedrawWindow
GetSysColor
CreatePopupMenu
AppendMenuA
CreateWindowExA
ShowWindow
GetDC
GetClientRect
CallWindowProcA
GetWindowLongA
PostMessageA
TrackMouseEvent
LoadImageA
IsWindow
DestroyWindow
DestroyMenu

gdi32

SetBkColor
GetStockObject
DeleteDC
DeleteObject
ExtTextOutA

advapi32

RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

ole32

ReleaseStgMedium
CoInitialize
CoCreateInstance
RegisterDragDrop

oleaut32

SysStringByteLen
SysStringLen
LoadRegTypeLi
SysAllocStringLen
VariantInit
VariantClear
SysAllocString
SysFreeString
SysAllocStringByteLen

ws2_32

connect
shutdown
recv
send
closesocket
socket
WSAStartup
WSAGetLastError
htons
inet_addr
gethostbyaddr
gethostbyname

shlwapi

SHDeleteKeyA

atl

ord36
ord58
ord10
ord11
ord30
ord44
ord23
ord43
ord15
ord18
ord16
ord46
ord21
ord57
ord32

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd88a1dc9ae0375b4705357a5f5c0331

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

ws2_32

shlwapi

atl

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 16KB - Virtual size: 22KB

.rsrc Size: 20KB - Virtual size: 18KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 16KB - Virtual size: 22KB

.rsrc
Size: 20KB - Virtual size: 18KB

.reloc
Size: 8KB - Virtual size: 7KB