59eafd2de665aec098864be09ef32f70_dll64_JC[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

59eafd2de665aec098864be09ef32f70_dll64_JC.dll
Size

472KB
MD5

59eafd2de665aec098864be09ef32f70
SHA1

8ad5c15ef233d986afbe251513c1aa5b66732ddc
SHA256

7278a2e1442306d7b3431edc19f716705ebbd4c9a24f37280740f28f3edcae77
SHA512

dee5faefb72e78f32805b64bf7492f7a4f4f54134eb6b71fe12df4f1c822948c1c29c9ccdf748bde0000af810fdca7122f542f0b76e7fa1865dc63f9f2a88021
SSDEEP

3072:ccVnDJ5hYCRJeNOvi+OO4GGJsO2tkMEf2TbMQdvFJLKAI8QkXmTCDx/7dKeRvv2W:ccVnt5h8yi+qPQtkT2TrdvDWPIieRvvb

Score

1^/10

Malware Config

Signatures

Files

59eafd2de665aec098864be09ef32f70_dll64_JC.dll
.dll windows:6 windows x64

f381138d67d62b7a4bd5614a0df8bff1

Code Sign

12:82:6e:fe:1b:33:99:67:bd:c6:c3:18:63:6a:59:ee
Certificate

Issuer

CN=MarSpeedpFirm,1.2.840.113549.1.9.1=#0c19537570706f7274406d61727370656564706669726d2e656475

Not Before

26/05/2020, 00:00

Not After

26/05/2021, 23:59

Subject

CN=MarSpeedpFirm,1.2.840.113549.1.9.1=#0c19537570706f7274406d61727370656564706669726d2e656475

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

wininet

InternetSetCookieExW
FtpCommandA
InternetFindNextFileW
InternetGoOnlineW
FindFirstUrlCacheGroup

kernel32

Beep
FindResourceExW
LoadResource
LockResource
SizeofResource
OpenPrivateNamespaceW
LocalReAlloc
DebugBreakProcess
ClearCommBreak
LoadLibraryW
FindResourceW
UpdateResourceW
WriteProfileStringA
MoveFileA
WaitNamedPipeA
SetComputerNameW
FindFirstVolumeA
SetFileTime
CreateSymbolicLinkW
WideCharToMultiByte
GetLocaleInfoW
FoldStringA
SetConsoleHistoryInfo
GetConsoleMode
CloseHandle
EnterCriticalSection
LeaveCriticalSection
Sleep
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetThreadPriority
SuspendThread
VirtualAlloc
VirtualQuery
GetFileAttributesExW
Heap32First
LoadLibraryA
GetProcAddress
GetModuleHandleA
FreeLibrary
InitializeCriticalSectionEx
GetThreadSelectorEntry
GetCurrentThread
GetUserDefaultLCID
IsValidLocale
EnumSystemLocalesW
HeapSize
CreateFileW
FindNextVolumeA
HeapDestroy
CreateSemaphoreW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
SetFilePointerEx
SetStdHandle
GetStdHandle
GetFileType
GetModuleFileNameW
GetModuleHandleExW
WriteConsoleW
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
ExitProcess
AreFileApisANSI
MultiByteToWideChar
SetConsoleCtrlHandler
OutputDebugStringW
LoadLibraryExW
WriteFile
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FatalAppExitA
FlushFileBuffers
GetConsoleCP
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetProcessHeap
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapReAlloc

comdlg32

PrintDlgA
ChooseFontW
ReplaceTextW
FindTextA
ChooseColorW
GetFileTitleW
GetFileTitleA
GetOpenFileNameW
GetOpenFileNameA
PrintDlgW

advapi32

RegLoadMUIStringW
RegSaveKeyA
SetServiceBits
InitiateSystemShutdownW

powrprof

GetPwrCapabilities
PowerCreateSetting
PowerWriteValueMin
PowerWriteDescription
PowerReadValueIncrement
SetActivePwrScheme

secur32

InitializeSecurityContextW
InitSecurityInterfaceW
AddCredentialsA

wtsapi32

WTSSetUserConfigA
WTSQuerySessionInformationA

Exports

Exports

HookBringWindowToTop
HookSetActiveWindow
HookSetForegroundWindow
HookSetWindowPos
NeedToChange

Sections

.text
Size: 210KB - Virtual size: 210KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f381138d67d62b7a4bd5614a0df8bff1

Code Sign

12:82:6e:fe:1b:33:99:67:bd:c6:c3:18:63:6a:59:eeCertificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

wininet

kernel32

comdlg32

advapi32

powrprof

secur32

wtsapi32

Exports

Exports

Sections

.text Size: 210KB - Virtual size: 210KB

.rdata Size: 63KB - Virtual size: 62KB

.data Size: 178KB - Virtual size: 188KB

.pdata Size: 9KB - Virtual size: 9KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 4KB

12:82:6e:fe:1b:33:99:67:bd:c6:c3:18:63:6a:59:ee
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

.text
Size: 210KB - Virtual size: 210KB

.rdata
Size: 63KB - Virtual size: 62KB

.data
Size: 178KB - Virtual size: 188KB

.pdata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB