jscript.dll

  • File Path: C:\Windows\system32\jscript.dll
  • Description: Microsoft JScript

Hashes

Type Hash
MD5 7D6A30A57AE3E21D9B7E175BF26A2043
SHA1 C9B93652B364D950CDD55662866D39ED5DCAD4F6
SHA256 BEA20CA2B67EC1A81E25D26F401C14F3472989A704EAB1253C831239213D4C76
SHA384 E7EEED40838D25FCBEC082CD7186E82CE73C8D8DDADF81843967ED0F7246D593BD3B30E7131B7379ED852B32FF2A78C3
SHA512 099B82C7CB22C73F7D9A8DD7F45756FD8EA54E55F751A5882790F8407C1A6AD1B455F1119507A40CAFDA6A343939D98166FA408AB7DD99861CED8E3B113AEFF8
SSDEEP 24576:LethOat0y2lI5UgpexuA7c9si3REgp2BJkGPub:LGhOG5Ug0xuAQ9si3REgp2BHPub
IMP 222EB2C3F30BAD0FF29F68FA76B2919A
PESHA1 528D2849E3154806986820034F08F9D2E600C683
PE256 A14B5A57C621B74BCC1BBC44395DC0C25CB077E5417ACB90649E85CE74015C80

DLL Exports:

Function Name Ordinal Type
DllRegisterServer 3 Exported Function
DllUnregisterServer 4 Exported Function
DllCanUnloadNow 1 Exported Function
DllGetClassObject 2 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 330000026551AE1BBD005CBFBD000000000265
  • Thumbprint: E168609353F30FF2373157B4EB8CD519D07A2BFF
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: jscript.dll.mui
  • Product Name: Microsoft JScript
  • Company Name: Microsoft Corporation
  • File Version: 5.812.10240.16384
  • Product Version: 5.812.10240.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 64-bit

File Scan

  • VirusTotal Detections: 0/66
  • VirusTotal Link: https://www.virustotal.com/gui/file/bea20ca2b67ec1a81e25d26f401c14f3472989a704eab1253c831239213d4c76/detection/

Possible Misuse

The following table contains possible examples of jscript.dll being misused. While jscript.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma image_load_wmic_remote_xsl_scripting_dlls.yml - '\jscript.dll' DRL 1.0
malware-ioc nukesped_lazarus .jscript.dll``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.