rijin_v2_1[.]dll

Sharing

Copy URL

Twitter E-mail

General

Target

rijin_v2_1.dll
Size

9.1MB
MD5

c7e7cca112e94cc43ff3224c14e1ab6d
SHA1

a5ffee2c8c0abf7448729afd0be46622c54c86c7
SHA256

3d1d84ef6504a9220cc700236cb0273a4a6d59791e78ba4d818ceb45601055a1
SHA512

ca30bdd17bc313db81a35ea91ca3840c18488e79d22951ec953aa368720a0f65df1f2ae63e0f451bb75b9627465eb879ab5567e31902955c1f688ce8fe658d90
SSDEEP

196608:JXnEDBCn/lmIIxxiJZtHbKgYOwkIQ+734Ok:JXMhg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
rijin_v2_1.dll

Files

rijin_v2_1.dll
.dll windows:4 windows x86 arch:x86

bc18ac0e7688cc6c3f986a016cfa28df

Headers

File Characteristics

IMAGE_FILE_DLL

Imports

kernelbase

FlsGetValue

ntdll

RtlUserThreadStart
RtlFreeHeap
RtlAllocateHeap

kernel32

BaseThreadInitThunk
CloseHandle
CreateThread
CreateToolhelp32Snapshot
ExitProcess
GetCommandLineW
GetCurrentProcessId
GetTickCount
LoadLibraryA
Module32First
Module32Next
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep

libfbxsdk

?SetEnable@FbxLimitsUtilities@fbxsdk_2014_1@@QAEXW4EType@12@_N@Z

shlwapi

StrCpyW

ucrtbase

_o__get_invalid_parameter_handler

secur32

SaslIdentifyPackageW

appcore

PsmRegisterServiceProcess
PsmRegisterServiceProcess
PsmRegisterServiceProcess
PsmRegisterServiceProcess
PsmRegisterServiceProcess
GetPackageTargetPlatformProperty
PsmRegisterServiceProcess
GetPackageTargetPlatformProperty
PsmRegisterServiceProcess
GetPackageTargetPlatformProperty

tier0

CreateSimpleThread
Msg
Msg

wininet

InternetReadFile
HttpSendRequestA
HttpQueryInfoA
InternetSetOptionA
InternetCloseHandle
HttpOpenRequestA
InternetConnectA
InternetOpenA

user32

FindWindowW
GetAsyncKeyState
GetCursorPos
GetKeyNameTextW
MapVirtualKeyW
MessageBoxA
ScreenToClient
wsprintfA
wsprintfW

winmm

PlaySoundA

Sections

pd_rec0
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pd_rec1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pd_rec2
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pd_rec3
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bc18ac0e7688cc6c3f986a016cfa28df

Headers

File Characteristics

Imports

kernelbase

ntdll

kernel32

libfbxsdk

shlwapi

ucrtbase

secur32

appcore

tier0

wininet

user32

winmm

Sections

pd_rec0 Size: 6.4MB - Virtual size: 6.4MB

pd_rec1 Size: 1.1MB - Virtual size: 1.1MB

pd_rec2 Size: 36KB - Virtual size: 36KB

pd_rec3 Size: 1.5MB - Virtual size: 1.5MB

pd_rec0
Size: 6.4MB - Virtual size: 6.4MB

pd_rec1
Size: 1.1MB - Virtual size: 1.1MB

pd_rec2
Size: 36KB - Virtual size: 36KB

pd_rec3
Size: 1.5MB - Virtual size: 1.5MB