libcurl.dll

  • File Path: C:\Program Files (x86)\Cisco Systems\Cisco Jabber\libcurl.dll
  • Description: libcurl Shared Library

Hashes

Type Hash
MD5 2FC02005BE9738478400C8DB2BAFEBCA
SHA1 1EC728421779D155A8360917396DF3108F806AF8
SHA256 E6200CC8661A2831515A54C14F7F803B798239870EB6650C2D57E216BCF54B78
SHA384 CB4544DD1C55ABE0B44B743FC62DAAC66C2354729A685AA058C897A80413360DCDF6362D4885A1409C19FFBD04CE7AA0
SHA512 F01C05C3708725BDBEB914E80956545574BCB4F7D50DA8F392ABADAE4373E0728560A32443B5FC31510606B1CD9F4E086412738CF7B5AE1829C96780ED1C4CAB
SSDEEP 6144:uue3oNzOrwMBBai6iQuLxVtjxIq+1JAKGANDnkiYguJ74vso/JYkXCmWXm12e/:G3wzOrlQi6scWKGANUAvlfB2e/
IMP ECAABE9377785C25BEDDF72AED75E99C
PESHA1 B098064616E73E87BA98ED7823D8F9CE3DCDE3A4
PE256 E5963979C9C1FC45109519B85C474B89F4EE22FCCA8939EB66C0D0EC690C5E6D

DLL Exports:

Function Name Ordinal Type
curl_multi_socket_all 55 Exported Function
curl_multi_strerror 56 Exported Function
curl_multi_socket_action 54 Exported Function
curl_multi_setopt 52 Exported Function
curl_multi_socket 53 Exported Function
curl_mvaprintf 60 Exported Function
curl_mvfprintf 61 Exported Function
curl_multi_wakeup 59 Exported Function
curl_multi_timeout 57 Exported Function
curl_multi_wait 58 Exported Function
curl_multi_cleanup 45 Exported Function
curl_multi_fdset 46 Exported Function
curl_multi_assign 44 Exported Function
curl_msprintf 42 Exported Function
curl_multi_add_handle 43 Exported Function
curl_multi_poll 50 Exported Function
curl_multi_remove_handle 51 Exported Function
curl_multi_perform 49 Exported Function
curl_multi_info_read 47 Exported Function
curl_multi_init 48 Exported Function
curl_mvprintf 62 Exported Function
curl_url 76 Exported Function
curl_url_cleanup 77 Exported Function
curl_unescape 75 Exported Function
curl_strequal 73 Exported Function
curl_strnequal 74 Exported Function
curl_version 81 Exported Function
curl_version_info 82 Exported Function
curl_url_set 80 Exported Function
curl_url_dup 78 Exported Function
curl_url_get 79 Exported Function
curl_pushheader_bynum 66 Exported Function
curl_share_cleanup 67 Exported Function
curl_pushheader_byname 65 Exported Function
curl_mvsnprintf 63 Exported Function
curl_mvsprintf 64 Exported Function
curl_slist_append 71 Exported Function
curl_slist_free_all 72 Exported Function
curl_share_strerror 70 Exported Function
curl_share_init 68 Exported Function
curl_share_setopt 69 Exported Function
curl_easy_upkeep 14 Exported Function
curl_escape 15 Exported Function
curl_easy_unescape 13 Exported Function
curl_easy_setopt 11 Exported Function
curl_easy_strerror 12 Exported Function
curl_free 19 Exported Function
curl_getdate 20 Exported Function
curl_formget 18 Exported Function
curl_formadd 16 Exported Function
curl_formfree 17 Exported Function
curl_easy_getinfo 4 Exported Function
curl_easy_init 5 Exported Function
curl_easy_escape 3 Exported Function
curl_easy_cleanup 1 Exported Function
curl_easy_duphandle 2 Exported Function
curl_easy_reset 9 Exported Function
curl_easy_send 10 Exported Function
curl_easy_recv 8 Exported Function
curl_easy_pause 6 Exported Function
curl_easy_perform 7 Exported Function
curl_getenv 21 Exported Function
curl_mime_headers 35 Exported Function
curl_mime_init 36 Exported Function
curl_mime_free 34 Exported Function
curl_mime_filedata 32 Exported Function
curl_mime_filename 33 Exported Function
curl_mprintf 40 Exported Function
curl_msnprintf 41 Exported Function
curl_mime_type 39 Exported Function
curl_mime_name 37 Exported Function
curl_mime_subparts 38 Exported Function
curl_global_sslset 25 Exported Function
curl_maprintf 26 Exported Function
curl_global_init_mem 24 Exported Function
curl_global_cleanup 22 Exported Function
curl_global_init 23 Exported Function
curl_mime_data_cb 30 Exported Function
curl_mime_encoder 31 Exported Function
curl_mime_data 29 Exported Function
curl_mfprintf 27 Exported Function
curl_mime_addpart 28 Exported Function

Signature

  • Status: Signature verified.
  • Serial: 59C5C9F46EA82C4C743981566B64BD6C
  • Thumbprint: 475DAEE5A6CC149389EFDE176DEA526C627D203A
  • Issuer: CN=Symantec Class 3 SHA256 Code Signing CA - G2, OU=Symantec Trust Network, O=Symantec Corporation, C=US
  • Subject: CN=Cisco Systems Inc., O=Cisco Systems Inc., L=San Jose, S=California, C=US

File Metadata

  • Original Filename: libcurl.dll
  • Product Name: The curl library
  • Company Name: The curl library, https://curl.haxx.se/
  • File Version: 7.68.0
  • Product Version: 7.68.0
  • Language: English (United States)
  • Legal Copyright: 1996 - 2019 Daniel Stenberg, daniel@haxx.se.
  • Machine Type: 32-bit

File Scan

  • VirusTotal Detections: 0/69
  • VirusTotal Link: https://www.virustotal.com/gui/file/e6200cc8661a2831515a54c14f7f803b798239870eb6650c2d57e216bcf54b78/detection/

Possible Misuse

The following table contains possible examples of libcurl.dll being misused. While libcurl.dll is not inherently malicious, its legitimate functionality can be abused for malicious purposes.

Source Source File Example License
malware-ioc amavaldo \| 4DBA5FE842B01B641A7228A4C8F805E4627C0012 \| libcurl.dll \| Injector for email creation tool \| Win32/Spy.Amavaldo.P trojan \| © ESET 2014-2018
atomic-red-team T1574.002.md GUP is an open source signed binary used by Notepad++ for software updates, and is vulnerable to DLL Side-Loading, thus enabling the libcurl dll to be loaded. MIT License. © 2018 Red Canary

MIT License. Copyright (c) 2020-2021 Strontic.