jscript.dll

  • File Path: C:\Windows\SysWOW64\jscript.dll
  • Description: Microsoft JScript

Hashes

Type Hash
MD5 DCF1667D50F0A29BA083A9E0F19F3DC8
SHA1 1E611C5009DEBDC6F41A102B9B2CE90DD22EA201
SHA256 519B56F3A2A1F6A96C95694C2AE6F38E5D0CFCFCC0232B9E6453C94A3B79C434
SHA384 26CA55982645D9A637E0C188B5C7862F5178FFF287973303C38897423DDBAD4447084D7C2417DDF3B666FEA3FB8F507F
SHA512 358AB8DBCACC7E0A7167E24C16C1F4D99B1AB8E922137857DF85FAB9F07332C959505338FB1366DF4BA9F3652E70735290A151065B6DDD0D35C216007F605D31
SSDEEP 12288:mLQkJLhgITr3gos6u8LjQQ1kyhFb9hAJnGwa7FPMeM:mLtLhg6r3gl6jjQqHIGp7lJM
IMP 29F23F104BA49E8909424C16F0F9FA60
PESHA1 4587E119BA1B3DE77B977B7114D80C78DA0506DA
PE256 A56BBB43604A187F46D5DB4C4E84F7FE6470203CE6C4C9276107500DF5F08BF7

DLL Exports:

Function Name Ordinal Type
DllRegisterServer 3 Exported Function
DllUnregisterServer 4 Exported Function
DllCanUnloadNow 1 Exported Function
DllGetClassObject 2 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 3300000266BD1580EFA75CD6D3000000000266
  • Thumbprint: A4341B9FD50FB9964283220A36A1EF6F6FAA7840
  • Issuer: CN=Microsoft Windows Production PCA 2011, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
  • Subject: CN=Microsoft Windows, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

File Metadata

  • Original Filename: jscript.dll.mui
  • Product Name: Microsoft JScript
  • Company Name: Microsoft Corporation
  • File Version: 5.812.10240.16384
  • Product Version: 5.812.10240.16384
  • Language: English (United States)
  • Legal Copyright: Microsoft Corporation. All rights reserved.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/67
  • VirusTotal Link: https://www.virustotal.com/gui/file/519b56f3a2a1f6a96c95694c2ae6f38e5d0cfcfcc0232b9e6453c94a3b79c434/detection/

Possible Misuse

The following table contains possible examples of jscript.dll being misused. While jscript.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
sigma image_load_wmic_remote_xsl_scripting_dlls.yml - '\jscript.dll' DRL 1.0
malware-ioc nukesped_lazarus .jscript.dll``{:.highlight .language-cmhg} © ESET 2014-2018

MIT License. Copyright (c) 2020-2021 Strontic.