af2d14423c034422cf4f15ecc3563400_dll32_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

af2d14423c034422cf4f15ecc3563400_dll32_JC.dll
Size

147KB
MD5

af2d14423c034422cf4f15ecc3563400
SHA1

56c39daccc2853a6cd96c2471cfd005d5b305830
SHA256

4baa4071a5eedbe0a8afa1059f7732e5cde0433dd0425e075721dd2cdec9d70d
SHA512

65ac184591cbe41ca762cb0b2b6d016a695ff7dc066a92665ba5ada5de45412b4c766463b01f921a13068f087b1089fe3d7050ee0ee9f5e16183eba4f4b53b7c
SSDEEP

3072:mY3x7CnaFhasB8k866pgYV1dFE2BWqTBfYEIqxg2KVMku4:mY3y8h9O66pndnMqTBggku

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af2d14423c034422cf4f15ecc3563400_dll32_JC.dll

Files

af2d14423c034422cf4f15ecc3563400_dll32_JC.dll
.dll windows:5 windows x86

12b9749121d356c6cc04641b5c33e552

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LeaveCriticalSection
InitializeCriticalSection
CreateFileW
CloseHandle
DeleteCriticalSection
GetVolumeInformationW
GetModuleFileNameW
FindClose
MultiByteToWideChar
Sleep
WriteFile
GetProcAddress
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
WaitForSingleObject
CreateEventW
SetEvent
ResetEvent
CreateThread
VirtualFree
VirtualAlloc
GetModuleHandleA
LoadLibraryA
DecodePointer
EnterCriticalSection
GetProcessHeap
HeapAlloc
HeapFree
LoadLibraryW
WriteConsoleW
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
GetConsoleMode
HeapReAlloc
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetSystemTime
GetLocalTime
GetComputerNameW
EncodePointer
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
RtlUnwind
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStringTypeW
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetTickCount

user32

wsprintfW

advapi32

GetUserNameW

shell32

SHGetFolderPathA

ws2_32

bind
closesocket
listen
socket
accept
WSACleanup
gethostbyname
WSAStartup
inet_ntoa
gethostname
recv
InetNtopW
send
select
htons

Exports

Exports

InitHooks
SetClientVerdict
SetShuttingDownHint

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12b9749121d356c6cc04641b5c33e552

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

Exports

Exports

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 2KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 272B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 2KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 272B

.reloc
Size: 6KB - Virtual size: 5KB