JavaScriptCollectionAgent[.]dll

Sharing

Copy URL Twitter E-mail

General

Target

JavaScriptCollectionAgent.dll
Size

75KB
MD5

135b1bea1e9e35c3b94ac364819390af
SHA1

14de651cb1afce6f6326e14036047de59eb75dd5
SHA256

62a86d23033ac82fe3e9ef56c98049bbe091bfe563c528c84c8dd58493d19ded
SHA512

2aa6481e96c3d39a3f11d3e0b0ccb979fb7c8c449d6cbe30a91cdef5c90771db2a5eaa7b4522815ea22586118a6e37dcd9ad15ce5cbfd551bee82d08054554b4
SSDEEP

1536:a1K7QaaMDBc8haV/BB86RbK+w2nRVkpANxWknklf0xqVRoWf:EYQaaMDBDhahD86RbKenRVmJkklf0MVx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JavaScriptCollectionAgent.dll

Files

JavaScriptCollectionAgent.dll
.dll windows:10 windows x86 arch:x86

9f84bcb17ab0366d609f95f76ee5a2b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

JavaScriptCollectionAgent.pdb

Imports

msvcrt

_amsg_exit
_XcptFilter
memcpy
__CxxFrameHandler3
_CxxThrowException
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@ABQBDH@Z
??0exception@@QAE@ABQBD@Z
_callnewh
__dllonexit
wcscpy_s
memset
_unlock
wcsncmp
memmove
_ui64tow_s
wcstod
vswprintf_s
_vscwprintf
_wtoi
malloc
_purecall
free
memcpy_s
wcsnlen
??3@YAXPAX@Z
_lock
??1type_info@@UAE@XZ
_initterm
_onexit
_errno
realloc
_ftol2
memmove_s
_except_handler4_common
memcmp

kernel32

HeapCreate
TerminateProcess
OutputDebugStringA
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
RaiseException
InitializeCriticalSection
QueryPerformanceCounter
GetLastError
QueryPerformanceFrequency
HeapDestroy
CloseHandle
K32GetProcessMemoryInfo
OpenProcess
SizeofResource
LockResource
LoadResource
FindResourceExW
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
Sleep

user32

UnregisterClassA

ole32

CoTaskMemAlloc
CoCreateInstance

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocString
SysAllocStringLen

tdh

TdhGetPropertySize
TdhGetProperty

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f84bcb17ab0366d609f95f76ee5a2b9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

user32

ole32

oleaut32

tdh

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 63KB

.data Size: 1024B - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 64KB - Virtual size: 63KB

.data
Size: 1024B - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 3KB