05f1f949cff8fc27b479f40b7f04b970_dll64_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

05f1f949cff8fc27b479f40b7f04b970_dll64_JC.dll
Size

590KB
MD5

05f1f949cff8fc27b479f40b7f04b970
SHA1

a67b3caf2f72420918ebd31a54f1a83a7e1a8e79
SHA256

6c9464db0c22ca911b6dcfc49b967cc8da6a28fe56d0d5f1a8b2d565bb680d87
SHA512

c48672e739129f1d8205a16a1cd53f9dc24655e5bfcfd5f2a370efd191bb6dfc83cae3592387f1b9eeeeb9002f8adf945b0b6b2ba0ab333dc665593f40aa73fa
SSDEEP

12288:7X78OR3S1AEYMvMb+QFthhSWFXu901RCb:7X78OR3Sd0+gthT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05f1f949cff8fc27b479f40b7f04b970_dll64_JC.dll

Files

05f1f949cff8fc27b479f40b7f04b970_dll64_JC.dll
.dll regsvr32 windows:5 windows x64

ccbf3c721c5647ce1c12f0be83bddd48

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

msvcr100

?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
_onexit
_lock
__dllonexit
_unlock
__CppXcptFilter
_amsg_exit
_encoded_null
??3@YAXPEAX@Z
_initterm_e
_initterm
_malloc_crt
__C_specific_handler
?terminate@@YAXXZ
??_V@YAXPEAX@Z
??_U@YAPEAX_K@Z
memcmp
memcpy
_vsnwprintf
_waccess
vswprintf_s
swprintf_s
feof
fclose
fseek
ftell
fread
_wfopen_s
wcscpy_s
_aligned_malloc
_aligned_free
memmove
malloc
free
??2@YAPEAX_K@Z
__clean_type_info_names_internal
__CxxFrameHandler3
cos
sin
log
atan
expf
memset
logf
log10f
cosf
tan
sinf
sqrtf
powf
log10
pow
exp
sqrt

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
CreateThread
CloseHandle
FindNextChangeNotification
CreateEventW
SetEvent
FindCloseChangeNotification
WaitForSingleObject
FindFirstChangeNotificationW
GetModuleFileNameW
CreateDirectoryW
GetTickCount
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects

advapi32

RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
RegDeleteKeyExW

ole32

StringFromGUID2
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc

Exports

Exports

CreateEngineObject
CreateEngineObjectEx
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetDriverCodeName
GetDriverVersion
ReleaseEngineObject

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 512B - Virtual size: 3B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 437KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccbf3c721c5647ce1c12f0be83bddd48

Headers

DLL Characteristics

File Characteristics

Imports

msvcr100

kernel32

advapi32

ole32

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 140KB

RT_CODE Size: 512B - Virtual size: 3B

.rdata Size: 437KB - Virtual size: 437KB

.data Size: 1024B - Virtual size: 3KB

.pdata Size: 7KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 140KB - Virtual size: 140KB

RT_CODE
Size: 512B - Virtual size: 3B

.rdata
Size: 437KB - Virtual size: 437KB

.data
Size: 1024B - Virtual size: 3KB

.pdata
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB