e28f7368dd40cf25a86d0d66e2850dd0_dll32_JC[.]dll | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e28f7368dd40cf25a86d0d66e2850dd0_dll32_JC.dll
Size

939KB
MD5

e28f7368dd40cf25a86d0d66e2850dd0
SHA1

314b9227f1b6ec5e4409a7239dd274bab0b7e604
SHA256

27947da2836ee5afde9803149b63b4bf48ed2aaf585798011f63c48bf5885b48
SHA512

80c4f6f568d24a98ee6f99d64258dd949f73854743f4b08e0cdbb984173efd0364baa3fd17d1025c67ae56e9aa5183b90bfd87cafdf7eadd519fefa2b562eddb
SSDEEP

24576:81xRcYCpSz/j4/7KvZEN842Yhk10gXtIJvsD3oY6H:q1WzqELhk1Kq3rO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e28f7368dd40cf25a86d0d66e2850dd0_dll32_JC.dll

Files

e28f7368dd40cf25a86d0d66e2850dd0_dll32_JC.dll
.dll windows:5 windows x86

36fe21a85008ad2019e615e360342853

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

memset

kernel32

GetVersionExW
FindFirstFileA
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

RegisterClassExW

ws2_32

recv

winmm

PlaySoundA

gdi32

CreateSolidBrush

advapi32

AdjustTokenPrivileges

Sections

.text
Size: - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: - Virtual size: 833KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 936KB - Virtual size: 936KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ