929131d0edc81ddf1961eee11fac5060_dll32_JC[.]dll

General

Target

929131d0edc81ddf1961eee11fac5060_dll32_JC.dll
Size

421KB
MD5

929131d0edc81ddf1961eee11fac5060
SHA1

3c543796117d76bde75ca47e0d3f6dc7965f3d11
SHA256

e7144189e3ee7e0671aafe1e344715b8f5deb5153fabefb6c8f4990c12c590dc
SHA512

027ae2d4feffabd1e022f3a100a4a7d91b6d644d75f139edc6c5d48e3450854bb37cd2878c87c3c3e3c5587c14de0a33dba0b0d1cb2c1b0849b0ceebf5fc47ac
SSDEEP

6144:hbOB5NBvsJRWse6Ke3HJpbgIJNj1h3/9oeNNtN1u5bOabM3c:hbOjvyWc5rJ9v9u5b6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
929131d0edc81ddf1961eee11fac5060_dll32_JC.dll

Files

929131d0edc81ddf1961eee11fac5060_dll32_JC.dll
.dll windows:5 windows x86

ed947c6caf6fc328d4ab0f7c39763288

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr100

free
_access
strtok_s
strerror
_errno
sprintf
_localtime64
_time64
strftime
strrchr
setvbuf
fopen
fclose
_sleep
_unlock
__dllonexit
_lock
_onexit
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
fflush
_vsnprintf
strncpy
fprintf
getenv
atol
strtol
abort
strcpy
strcat
exit
abs
strchr
_setjmp3
memcpy
_snprintf
longjmp
strlen
strncmp
strcmp
__iob_func
isdigit
memset
_getpid
_strdup

kernel32

GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
GetLastError
FormatMessageA
CreateProcessA
GetCurrentThreadId
LoadLibraryA
GetProcAddress
GetSystemTimeAsFileTime

Exports

Exports

_Agent_OnLoad@12
_Agent_OnUnload@4

Sections

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 277KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed947c6caf6fc328d4ab0f7c39763288

Headers

DLL Characteristics

File Characteristics

Imports

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 116KB - Virtual size: 116KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 277KB - Virtual size: 280KB

.text
Size: 116KB - Virtual size: 116KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 277KB - Virtual size: 280KB