c026589c3aa814db894ce9ea2a451b00_dll32_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

c026589c3aa814db894ce9ea2a451b00_dll32_JC.dll
Size

180KB
MD5

c026589c3aa814db894ce9ea2a451b00
SHA1

be7f66e8700e7215680fd4b2626144dfa724435d
SHA256

10aa5462a73c1896d3844466218d6e3d0649d3a9839d7deb48826164ce6087c3
SHA512

80b6e10e3762fe647b184fa9131c7888f1587f2a3a23bc9a2de9fa90e98b64be45402e3ffb13d162a7f7bb8d2614cb2a12e86eef3f4b1a7bbc993b0f430cbb2d
SSDEEP

3072:p13VFWv0Hn2crL1ZeDwWfPdAp0bMz8wK3udh4tVJfGl4z+gb4Swtx:H3ivMBlQEcPbbMz8w6udh4v5X14r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c026589c3aa814db894ce9ea2a451b00_dll32_JC.dll

Files

c026589c3aa814db894ce9ea2a451b00_dll32_JC.dll
.dll windows:4 windows x86

58ef89376fe3a4d669d85ab5f5fcf2ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

OpenEventA
CreateMutexA
CopyFileA
lstrcatA
WriteFile
FreeLibrary
LoadLibraryA
MultiByteToWideChar
WideCharToMultiByte
lstrcmpA
ReleaseMutex
GetModuleHandleA
lstrcmpiA
LocalSize
LoadLibraryW
GetProcAddress
HeapSize
GetSystemInfo
lstrlenA
CloseHandle
Sleep
InterlockedExchange
GetLastError
lstrcpyA
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
InitializeCriticalSection
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCPInfo
GetOEMCP
GetACP
LCMapStringW
LCMapStringA
VirtualQuery
IsBadWritePtr
VirtualAlloc
RtlUnwind
ExitProcess
RaiseException
HeapReAlloc
HeapAlloc
HeapFree
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
GetVersionExA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree

user32

SendMessageA
GetCursorInfo
DestroyCursor
IsWindow
wsprintfA
LoadCursorA

msvfw32

ICSeqCompressFrame
ICSeqCompressFrameEnd
ICSeqCompressFrameStart
ICSendMessage
ICOpen
ICClose
ICCompressorFree

winmm

waveOutClose
waveOutUnprepareHeader
waveInGetNumDevs
waveOutReset
waveInPrepareHeader
waveInUnprepareHeader
waveInReset
waveInStop
waveOutPrepareHeader
waveOutOpen
waveOutGetNumDevs
waveInAddBuffer
waveOutWrite
waveInOpen
waveInStart
waveInClose

Exports

Exports

CryptServiceMain
GetDllModuleControlInit
ServiceMain

Sections

.text
Size: 128KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58ef89376fe3a4d669d85ab5f5fcf2ff

Headers

File Characteristics

Imports

kernel32

user32

msvfw32

winmm

Exports

Exports

Sections

.text Size: 128KB - Virtual size: 124KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 872B

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 128KB - Virtual size: 124KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 872B

.reloc
Size: 12KB - Virtual size: 9KB