c58a440461932c78dc7880f234af4ddd939b65aafa2a54b6c4c5f2db59dc2c94

Sharing

Copy URL

Twitter E-mail

General

Target

c58a440461932c78dc7880f234af4ddd939b65aafa2a54b6c4c5f2db59dc2c94
Size

152KB
MD5

0044a0a155348edf38e70cfa78f1f1d0
SHA1

d6c0c47c4534a2211b68c18990f037c749e73f5b
SHA256

c58a440461932c78dc7880f234af4ddd939b65aafa2a54b6c4c5f2db59dc2c94
SHA512

b9a703d131032cfde52ed15465bcae937e04ec0388c984364b81e1431170f71b55f264398f0c813e56529f45a19f6d57dc92f55a9830b07ceddb367345be4902
SSDEEP

1536:6yf9NcRRWBcIXzY7WCWZsmyzxUr5bG5NnsGPoA8rNpA1i:dNcqcIXzSWCWZsmyzCrWPoTNpB

Score

N/A

Malware Config

Signatures

Files

c58a440461932c78dc7880f234af4ddd939b65aafa2a54b6c4c5f2db59dc2c94
.exe windows x86

a154733d2b7854340d445527913305a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

jrmac

?StartJrMac@@YAHPAUHWND__@@@Z
StopJrMac

kernel32

CloseHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
VirtualQuery
InterlockedExchange
RtlUnwind
LoadLibraryA
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
GetCurrentProcess
TerminateProcess
GetProcAddress
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetVersionExA
GetStartupInfoW
lstrcpynW
GetCurrentThreadId
GetModuleFileNameW
OpenProcess
HeapSize
GetCommandLineW
lstrcmpiW
ExitProcess
GetModuleHandleA

user32

EndDialog
PostMessageW
wsprintfW
LoadStringW
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
CreateWindowExW
ShowWindow
UpdateWindow
LoadIconW
LoadCursorW
RegisterClassExW
EnumWindowStationsW
GetThreadDesktop
SetThreadDesktop
GetWindowThreadProcessId
OpenWindowStationW
GetProcessWindowStation
SetProcessWindowStation
EnumDesktopsW
CloseWindowStation
OpenDesktopW
EnumDesktopWindows
CloseDesktop
GetClassNameW
PostQuitMessage
BeginPaint
EndPaint
DefWindowProcW
DestroyWindow
DialogBoxParamW
FindWindowW

advapi32

CreateProcessAsUserW
GetUserNameW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyW
OpenProcessToken

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a154733d2b7854340d445527913305a2

Headers

File Characteristics

Imports

jrmac

kernel32

user32

advapi32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 120KB - Virtual size: 120KB