JS0GROUP.dll

Dassault Systemes Product

Dassault Systemes

Publisher:
Dassault Systemes

Product:
Dassault Systemes Product

Description:
System

Version:
5.20.0.9302

MD5:
dfb85ee6881fb0838d8b1c2a9d805d68

SHA-1:
b6a11736c5228184a9c4f16ae96877ee724c159e

SHA-256:
2d65ce488850a3d02b15172113c0757faea1058544f5211ea030950c0ff22fac

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
12/26/2024 5:24:42 AM UTC  (today)

File size:
1.9 MB (1,957,888 bytes)

Product version:
5.20.0.9302

Copyright:
Copyright Dassault Systemes 1999-2009

Original file name:
JS0GROUP.dll

File type:
Dynamic link library (Win32 DLL)

Language:
English (United States)

Common path:
C:\Program Files\dassault systemes\b20\intel_a\code\bin\js0group.dll

File PE Metadata
Compilation timestamp:
10/29/2009 11:47:21 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
8.0

CTPH (ssdeep):
24576:DE99gLq7NIasV5gvPzZzx4AejLdrbtMEsiTyB7vPUEV3HEQq9WyMGxXOpfSqiJr:DEsLqfRBsLd3C7vzyOpxiV

Entry address:
0x137D28

Entry point:
83, 7C, 24, 08, 01, 75, 05, E8, 10, 03, 00, 00, FF, 74, 24, 04, 8B, 4C, 24, 10, 8B, 54, 24, 0C, E8, CD, FE, FF, FF, 59, C2, 0C, 00, CC, FF, 25, 48, C6, 13, 10, FF, 25, 4C, C6, 13, 10, FF, 25, 54, C6, 13, 10, 68, B5, 7D, 13, 10, 64, FF, 35, 00, 00, 00, 00, 8B, 44, 24, 10, 89, 6C, 24, 10, 8D, 6C, 24, 10, 2B, E0, 53, 56, 57, A1, C8, 67, 1C, 10, 31, 45, FC, 33, C5, 50, 89, 65, E8, FF, 75, F8, 8B, 45, FC, C7, 45, FC, FE, FF, FF, FF, 89, 45, F8, 8D, 45, F0, 64, A3, 00, 00, 00, 00, C3, 8B, 4D, F0, 64, 89, 0D, 00...
 
[+]

Entropy:
6.8798

Code size:
1.2 MB (1,288,192 bytes)

The file JS0GROUP.dll has been seen being distributed by the following 3 URLs.

https://dl-mail.ymail.com/ws/download/mailboxes/@.id==VjJ-El4SOEou8KGLfmh15FE-q7QjExgMzkBMEGEDoPnPyQsTTdgDfDR9Nx0Lz3fHj494/messages/@.id==ANqti2IAABBuVwxevwsjkIzMWc0/content/parts/@.id==2/raw?appid=YahooMailNeo&token=zitEzqOML3j84e6ealFTT5U7-km5qEQF52lp7AcCuBYgiXyXY1rwQSoq6xBv6cc2UWhjIv2uHVC2R0Wv8Q9VgQ&error=https://us-mg6.mail.yahoo.com/.../iframemsg?id=1a4f8509-be79-9981-9d18-6b16de80324a&ymreqid=098b1743-d6ce-4486-0145-590066010000

http://files.cloud.naver.com/CATIA-V5R20 [???]/.../ND-WEB Ver&attachment=2

Scan JS0GROUP.dll - Powered by Reason Core Security