428cdbfdd8cae967798f3e5331b9d860_dll64_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

428cdbfdd8cae967798f3e5331b9d860_dll64_JC.dll
Size

12KB
MD5

428cdbfdd8cae967798f3e5331b9d860
SHA1

db665c5abe2fab1b1ef0707280dc8751675df420
SHA256

ae3a501c0ee09588a6e0c459d875d71698f783d4439123e92f01dc7bf49639a1
SHA512

74b7fe053d93eb998431579027d3b8e732ef7f6bd21560b557e05567f199d0cfe8d39accb7b0a69b0846ade8f480fbed46984bb9c6d26491cdbed28701122718
SSDEEP

192:MWnw6SMlLjR7CiubTvrJpOue1qvGcqgz8pptf:NFVKzDOuT+gz8pn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
428cdbfdd8cae967798f3e5331b9d860_dll64_JC.dll

Files

428cdbfdd8cae967798f3e5331b9d860_dll64_JC.dll
.dll windows:6 windows x64

b7b86a79048044d07db6b7de63b7c90e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy
memmove

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_execute_onexit_table
_cexit
_initterm_e
_wassert

Exports

Exports

CFB_decrypt
CFB_encrypt
CFB_start_operation
CFB_stop_operation
PyInit__raw_cfb

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7b86a79048044d07db6b7de63b7c90e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 1024B - Virtual size: 576B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 512B - Virtual size: 44B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 576B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 512B - Virtual size: 44B