21b157dc13c21c4e0403502b02dd4bf0_dll32_JC[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

21b157dc13c21c4e0403502b02dd4bf0_dll32_JC.dll
Size

823KB
MD5

21b157dc13c21c4e0403502b02dd4bf0
SHA1

02c02f39b7fb4936626e399c1ab154480833253a
SHA256

0bb1ba74789cce18b2adc1a9632bb37d52f0cbf28ccd2405b9c702a2d825a200
SHA512

997120de93c1e045bb8a265af2205cd76a4bd09d5abce2f1eac6f1044bf85d77d1d04dee95a44a4d5fd8f52d0990ff40d609f215490e9c269031930b71eb38da
SSDEEP

24576:OS2N1pI2B0ARC0Av6UZck4EamXCFD6Zj6/+n:OSy1pjFD6V6/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21b157dc13c21c4e0403502b02dd4bf0_dll32_JC.dll

Files

21b157dc13c21c4e0403502b02dd4bf0_dll32_JC.dll
.dll windows:10 windows x86

866fd0b587e4e2281a6bb79e39bc29de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

??1type_info@@UAE@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_except_handler4_common
wcscpy_s
_XcptFilter
_vsnprintf
_purecall
__CxxFrameHandler3
_amsg_exit
memcpy
floor
_initterm
strrchr
wcsrchr
atoi
strcpy_s
_wcslwr
_stricmp
malloc
free
_ftol2_sse
sscanf_s
_CIcos
_CIexp
_CIlog
_CIlog10
_CIpow
_CIsqrt
_CxxThrowException
memset

user32

CloseDesktop
GetUserObjectInformationA
OpenInputDesktop
GetWindowThreadProcessId
IsWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetWindowRect
GetKeyState
GetWindowLongA
IsIconic
PostMessageA
SendMessageA
CallWindowProcA
SetWindowLongA
IsZoomed
ShowWindow
IsWindowVisible
GetForegroundWindow
SetWindowPos
SystemParametersInfoA
GetDC
EnumDisplaySettingsA
ReleaseDC
EnumDisplayDevicesA
GetSystemMetrics
OffsetRect
GetWindowInfo
ClientToScreen
DisplayConfigGetDeviceInfo
GetClientRect
SetRect
IntersectRect
GetMonitorInfoA
DefWindowProcA
RegisterHotKey
UnregisterHotKey
SetRectEmpty
SetForegroundWindow
SetCursor
GetCursor
DestroyIcon
GetDesktopWindow
GetWindowDC
CreateIconIndirect
GetIconInfo
GetCursorPos
SetCursorPos
GetThreadDesktop
UnionRect

advapi32

RegOpenKeyExA
RegCreateKeyA
EventUnregister
EventWriteTransfer
EventRegister
EventSetInformation
RegSetValueExA
RegGetValueA
RegCreateKeyExA
SetSecurityDescriptorDacl
GetSidSubAuthority
GetSidLengthRequired
InitializeSid
IsValidSid
InitializeSecurityDescriptor
InitializeAcl
SetSecurityInfo
ConvertStringSidToSidA
GetLengthSid
AddAccessAllowedAce
RegEnumKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyA

api-ms-win-core-versionansi-l1-1-0

GetFileVersionInfoExA
VerQueryValueA
GetFileVersionInfoSizeExA

ext-ms-win-rtcore-ntuser-dpi-l1-1-0

SetProcessDpiAwarenessInternal
GetProcessDpiAwarenessInternal

api-ms-win-gdi-dpiinfo-l1-1-0

GetCurrentDpiInfo

ntdll

VerSetConditionMask
EtwEventWriteNoRegistration

d3d8thk

OsThunkDdDeleteSurfaceObject
OsThunkDdGetDriverInfo
OsThunkD3dContextDestroyAll
OsThunkDdGetFlipStatus
OsThunkDdCanCreateD3DBuffer
OsThunkDdDestroySurface
OsThunkD3dDrawPrimitives2
OsThunkDdSetExclusiveMode
OsThunkDdGetDC
OsThunkD3dContextCreate
OsThunkDdCreateSurface
OsThunkDdLock
OsThunkD3dContextDestroy
OsThunkDdUnlock
OsThunkDdGetBltStatus
OsThunkDdGetAvailDriverMemory
OsThunkDdFlip
OsThunkD3dValidateTextureStageState
OsThunkDdGetDriverState
OsThunkDdReleaseDC
OsThunkDdWaitForVerticalBlank
OsThunkDdFlipToGDISurface
OsThunkDdAttachSurface
OsThunkDdDeleteDirectDrawObject
OsThunkDdDestroyD3DBuffer
OsThunkDdGetScanLine
OsThunkDdUnlockD3D
OsThunkDdCreateSurfaceObject
OsThunkDdReenableDirectDrawObject
OsThunkDdSetGammaRamp
OsThunkDdCreateD3DBuffer
OsThunkDdQueryDirectDrawObject
OsThunkDdLockD3D
OsThunkDdCanCreateSurface
OsThunkDdCreateSurfaceEx
OsThunkDdBlt
OsThunkDdResetVisrgn

gdi32

DeleteObject
GetRandomRgn
D3DKMTMakeResident
D3DKMTPresent
D3DKMTEvict
D3DKMTDestroyAllocation2
D3DKMTLock2
D3DKMTCreateAllocation
D3DKMTMapGpuVirtualAddress
D3DKMTDestroyContext
D3DKMTDestroyAllocation
D3DKMTFreeGpuVirtualAddress
D3DKMTCloseAdapter
D3DKMTCreateHwQueue
D3DKMTSharedPrimaryUnLockNotification
D3DKMTRegisterTrimNotification
D3DKMTWaitForSynchronizationObjectFromCpu
D3DKMTUnregisterTrimNotification
D3DKMTGetSharedPrimaryHandle
D3DKMTEscape
D3DKMTSubmitPresentToHwQueue
D3DKMTUnlock2
D3DKMTUpdateAllocationProperty
D3DKMTWaitForSynchronizationObject
D3DKMTDestroySynchronizationObject
D3DKMTSetGammaRamp
D3DKMTCreateSynchronizationObject2
SetStretchBltMode
D3DKMTReclaimAllocations
D3DKMTCreateSynchronizationObject
D3DKMTUpdateGpuVirtualAddress
D3DKMTOpenAdapterFromHdc
D3DKMTDestroyDCFromMemory
D3DKMTOpenResource
D3DKMTDestroyPagingQueue
D3DKMTCreateAllocation2
D3DKMTQueryAllocationResidency
D3DKMTSharedPrimaryLockNotification
D3DKMTSetDisplayPrivateDriverFormat
D3DKMTSetVidPnSourceOwner
D3DKMTCreateDevice
D3DKMTSubmitCommand
D3DKMTRender
D3DKMTDestroyHwQueue
D3DKMTInvalidateCache
D3DKMTSignalSynchronizationObjectFromGpu
D3DKMTWaitForSynchronizationObjectFromGpu
DeleteDC
D3DKMTSetDisplayMode
D3DKMTSubmitSignalSyncObjectsToHwQueue
D3DKMTSignalSynchronizationObject
D3DKMTReclaimAllocations2
D3DKMTCreateContext
D3DKMTSubmitCommandToHwQueue
D3DKMTCreatePagingQueue
D3DKMTSubmitWaitForSyncObjectsToHwQueue
D3DKMTCreateDCFromMemory
D3DKMTDestroyDevice
D3DKMTReserveGpuVirtualAddress
D3DKMTGetMultisampleMethodList
D3DKMTSignalSynchronizationObjectFromGpu2
D3DKMTCreateContextVirtual
GdiEntry1
GetRegionData
CreateRectRgn
GetDIBits
GetDeviceGammaRamp
GdiEntry13
StretchBlt
CreateCompatibleBitmap
GetDeviceCaps
GetNearestColor
CreateCompatibleDC
SelectObject
CreateDIBitmap
GetObjectA
GetSystemPaletteEntries
D3DKMTGetDisplayModeList
D3DKMTSetAllocationPriority
D3DKMTQueryResourceInfo
D3DKMTSignalSynchronizationObject2
D3DKMTGetScanLine
D3DKMTMarkDeviceAsError
D3DKMTUnlock
D3DKMTLock
D3DKMTOpenResource2
D3DKMTWaitForSynchronizationObject2
D3DKMTSignalSynchronizationObjectFromCpu
CreateDCA
D3DKMTOfferAllocations
D3DKMTGetResourcePresentPrivateDriverData
D3DKMTGetDeviceState
D3DKMTQueryAdapterInfo
BitBlt

kernel32

GetVersionExA
IsProcessorFeaturePresent
WaitForSingleObject
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WriteFile
PeekNamedPipe
ReadFile
FlushFileBuffers
DisconnectNamedPipe
ConnectNamedPipe
SetNamedPipeHandleState
GetModuleFileNameA
OutputDebugStringA
ResetEvent
OpenEventW
ReleaseSemaphore
CreateSemaphoreA
GlobalAddAtomA
GetSystemDirectoryA
CreateFileA
MultiByteToWideChar
SetErrorMode
GetCurrentProcess
VerifyVersionInfoA
GetTickCount
DebugBreak
WideCharToMultiByte
LoadLibraryW
OutputDebugStringW
Sleep
lstrcmpA
LocalAlloc
GetProcessHeap
GetCurrentProcessId
LocalFree
HeapAlloc
CloseHandle
DisableThreadLibraryCalls
OpenMutexA
GetModuleHandleA
ReleaseMutex
GetLastError
GetNativeSystemInfo
LoadLibraryA
GetProcAddress
FreeLibrary
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
QueryPerformanceFrequency
InitializeCriticalSection
HeapFree
CreateMutexA

dwmapi

ord101
ord100
DwmIsCompositionEnabled

Exports

Exports

DebugSetMute
Direct3D8EnableMaximizedWindowedModeShim
Direct3DCreate8
ValidatePixelShader
ValidateVertexShader

Sections

.text
Size: 643KB - Virtual size: 642KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

866fd0b587e4e2281a6bb79e39bc29de

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

user32

advapi32

api-ms-win-core-versionansi-l1-1-0

ext-ms-win-rtcore-ntuser-dpi-l1-1-0

api-ms-win-gdi-dpiinfo-l1-1-0

ntdll

d3d8thk

gdi32

kernel32

dwmapi

Exports

Exports

Sections

.text Size: 643KB - Virtual size: 642KB

.data Size: 4KB - Virtual size: 20KB

.idata Size: 9KB - Virtual size: 9KB

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 164KB - Virtual size: 164KB

.text
Size: 643KB - Virtual size: 642KB

.data
Size: 4KB - Virtual size: 20KB

.idata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 164KB - Virtual size: 164KB