jester | 10c3846867f70dd26c5a54332ed22070c9e5e0e4f52f05fdae12ead801f7933b[.]bin | Triage

Submit
Reports

Overview

overview

Static

static

10c3846867...3b.exe

windows7_x64

10c3846867...3b.exe

windows10-2004_x64

Sharing

Static task

static1

ads555man jester

Behavioral task

behavioral1

Sample

10c3846867f70dd26c5a54332ed22070c9e5e0e4f52f05fdae12ead801f7933b.exe

Resource

win7-en-20211208

jester ads555man collection spyware stealer

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

10c3846867f70dd26c5a54332ed22070c9e5e0e4f52f05fdae12ead801f7933b.exe

Resource

win10v2004-en-20220113

jester ads555man collection spyware stealer

windows10-2004_x64

0 signatures

0 seconds

General

Target

10c3846867f70dd26c5a54332ed22070c9e5e0e4f52f05fdae12ead801f7933b.bin
Size

223KB
MD5

8879ae061540ce3de496adec3683b0fe
SHA1

4b5f73578a49ca01cc2ba7b414bcf1edfbefa079
SHA256

10c3846867f70dd26c5a54332ed22070c9e5e0e4f52f05fdae12ead801f7933b
SHA512

bf01d7738c47c1f24dab0e70643568f99b73049804a53ac23b492c80e2558aa4166a84d4c247bf3149523096a7379ca4835a24abc6de18cf38d45562e0b98da3

Score

10^/10

ads555man jester

Malware Config

Extracted

Family

jester

Botnet

ads555man

C2

http://jesterdcuxzbey4xvlwwheoecpltru5be2mzuk4w7a7nrhckdjjhrbyd.onion/report/ads555man

https://api.anonfiles.com/upload?token=d26d620842507144

Mutex

efbb42d7-d0db-4f16-a194-3d9d9d1fc654

Attributes

license_key
65EEBAF23D4744267D131CD5BA37E706

Signatures

Jester family
jester

Files

10c3846867f70dd26c5a54332ed22070c9e5e0e4f52f05fdae12ead801f7933b.bin
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy