a27e019a9d2181888e65902b1ff25c90_dll32_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

a27e019a9d2181888e65902b1ff25c90_dll32_JC.dll
Size

153KB
MD5

a27e019a9d2181888e65902b1ff25c90
SHA1

517da713940a1cf897f5d51689ee2e0f06b3344e
SHA256

fe5a30ed4f33552e97f660acb735fd0992af6fe27f0675027526e10b0cb8ed9c
SHA512

a44467aa808e0a2b616ef59478bf8319b61ecf9151ca8e93c5d2cddb0c1535bae9ddd464b7088f2645302057c7699d20a94350cd5e6a96f3a0a8e9ea380f24ea
SSDEEP

3072:odDiUnhjjvI4gC8q53BTWynC+kksF3O3qTjLx+A2b/UHu:eDiEjjCC8q5xTWyAtLf27b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a27e019a9d2181888e65902b1ff25c90_dll32_JC.dll

Files

a27e019a9d2181888e65902b1ff25c90_dll32_JC.dll
.dll regsvr32 windows:5 windows x86

fd7b732ca6177c485cca4522b9cdec46

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetLastError
GetModuleFileNameW
OutputDebugStringA
MultiByteToWideChar
GetCurrentThreadId
InterlockedIncrement
lstrlenW
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiA
LoadLibraryExA
DisableThreadLibraryCalls
GetModuleFileNameA
IsDBCSLeadByte
FreeLibrary
SizeofResource
LoadResource
FindResourceA
Sleep
HeapSize
HeapReAlloc
FlushFileBuffers
CloseHandle
CreateFileA
GetLastError
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GetVersion
RaiseException
GetFileAttributesW
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetModuleHandleA
LoadLibraryA
lstrlenA
WideCharToMultiByte
WriteConsoleW
InterlockedDecrement
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStdHandle
WriteFile
HeapDestroy
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualProtect
IsDebuggerPresent
InterlockedCompareExchange
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ExitProcess

user32

DestroyMenu
DestroyWindow
SetWindowTextA
UnregisterClassA
GetWindowTextA
GetWindowTextLengthA
ShowWindow
GetDlgItem
CharNextW
CharNextA
LoadImageA
TrackPopupMenu
ReleaseDC
GetDC
LoadStringA
CreateWindowExA
GetClassInfoExA
RegisterClassExA
LoadCursorA
SetFocus
MapWindowPoints
MoveWindow
SetWindowPos
SetMenuItemBitmaps
AppendMenuA
CreatePopupMenu
GetWindow
GetFocus
TranslateMessage
DispatchMessageA
DefWindowProcA
GetWindowLongA
SetWindowLongA
CallWindowProcA
IsWindow
GetClientRect
SendMessageA

gdi32

DeleteDC
GetObjectA
CreateFontIndirectA
SelectObject
GetStockObject

advapi32

RegDeleteValueA
RegEnumKeyExA
RegEnumValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryInfoKeyA

ole32

CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoInitialize

oleaut32

LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocStringLen
VariantClear
SysAllocString
VariantInit
VarBstrCmp
SysStringLen
VarBstrCat
SysStringByteLen
SysAllocStringByteLen
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fd7b732ca6177c485cca4522b9cdec46

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 10KB - Virtual size: 9KB