f3815194ea890103970d5e92867d7350_dll32_JC[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

f3815194ea890103970d5e92867d7350_dll32_JC.dll
Size

144KB
MD5

f3815194ea890103970d5e92867d7350
SHA1

6305937147283a530b2963f3074313e4d784242b
SHA256

5d2cce0985a00ccc22dc5b6b0eb57d8a1f93a5878ac6f88e61574517295006ff
SHA512

aa4ff4f2f96d8f560f0010fa72c50eb6504adbbb54557bf6d5f2e07e9740c306287a2c21b6fbefa673d65dcc1379220354a7b74cd31f76d403611c60521529ac
SSDEEP

1536:Y38ebGiH3WwzXq2LaR0F5gulnbkaGwOpDtrlQylYj77C6S3NtMSnU9TB:clGiq6aCnizuG6S3NtMyUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3815194ea890103970d5e92867d7350_dll32_JC.dll

Files

f3815194ea890103970d5e92867d7350_dll32_JC.dll
.dll windows:4 windows x86

220c7a1fc5f2d666fb90146d7b73d802

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
Sleep
CreateThread
CloseHandle
CreateMutexA
GetModuleFileNameA
VirtualProtect
VirtualQuery
VirtualFree
VirtualAlloc
InitializeCriticalSection
DeleteCriticalSection
GetLastError
LeaveCriticalSection
Thread32Next
GetCurrentThreadId
GetCurrentProcessId
Thread32First
CreateToolhelp32Snapshot
SetThreadContext
GetThreadContext
SuspendThread
OpenThread
ResumeThread
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryA
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
GetProcAddress
GetModuleHandleA
RtlUnwind
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
LCMapStringW
HeapCreate
ExitProcess
WriteFile
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW

user32

SetWindowTextW
DispatchMessageW
GetWindowTextA
GetParent
IsWindow
SendMessageA
EnumWindows
GetWindowLongA
EnumChildWindows
GetClassNameA
UnregisterClassA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

_chiwnmsdpsncjdspwjhhsp@8
_choewnmdsdzxwpm@4

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

220c7a1fc5f2d666fb90146d7b73d802

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 92KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 271KB

.rsrc Size: 4KB - Virtual size: 176B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 271KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 12KB - Virtual size: 8KB