jaccessinspector[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

jaccessinspector.exe
Size

97KB
MD5

10d2f61fd0b3d113531f2d814c3605d3
SHA1

3af1e37fdb8ca56aa08237f49a6043b086eb1952
SHA256

09ff61c2cc1b4e06232f68c064e696ccc3cacf66c208078f4c18774fef3b8bf6
SHA512

0975a399e85dd7594617e2dce9daf928fe774617aa7582f820088ae817a110beb362dcffab06fb54423aa739b1d28b601d5dbf33c8b8322f68c15112510c9f15
SSDEEP

3072:hQ3I2A/Ckm0whuj6bok6Qb7WV90vzmSy8sVHjLYqx+FBVdSH/6yTA7Os9xQk/dNw:b2A/Ckm0whuj6bok6Qb7WV90vzmSy8sl

Score

1^/10

Malware Config

Signatures

Files

jaccessinspector.exe
.exe windows x64

02ec8c3949ca3ffd9950daa4f60503d0

Code Sign

12:f0:27:7e:0f:23:3b:39:f9:41:9b:06:e8:cd:e3:52
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

14/04/2015, 00:00

Not After

13/04/2018, 23:59

Subject

CN=Oracle America\, Inc.,OU=Code Signing Bureau,O=Oracle America\, Inc.,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5f:c5:3f:46:79:7b:0b:ef:a9:91:b7:e0:6f:a6:d2:60:6c:68:aa:da
Signer

Actual PE Digest

5f:c5:3f:46:79:7b:0b:ef:a9:91:b7:e0:6f:a6:d2:60:6c:68:aa:da

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

RegCreateKeyExA
RegFlushKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

user32

GetDlgItemInt
IsDialogMessageA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetWindow
GetTopWindow
GetParent
GetDesktopWindow
OffsetRect
CopyRect
WindowFromPoint
GetCursorPos
GetWindowRect
SetWindowTextA
UpdateWindow
CheckMenuItem
GetMenu
GetSystemMetrics
TranslateAcceleratorA
LoadAcceleratorsA
EnableWindow
KillTimer
SetTimer
GetFocus
SetFocus
GetDlgItem
EndDialog
CreateDialogParamA
SetWindowPos
ShowWindow
PostQuitMessage
PostMessageA
DispatchMessageA
TranslateMessage
GetMessageA
wsprintfA
SetDlgItemTextA
RegisterWindowMessageA
GetDlgCtrlID

msvcr120

__crtTerminateProcess
__crtSetUnhandledExceptionFilter
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?terminate@@YAXXZ
_commode
_fmode
_acmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_ismbblead
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
__crtGetShowWindowMode
strlen
strncat
strncpy
??2@YAPEAX_K@Z
strcpy
fflush
fprintf
sprintf
vsprintf
asctime
_localtime64
_time64
_XcptFilter
??3@YAXPEAX@Z
memcpy
memmove
_CxxThrowException
__CxxFrameHandler3
fopen
_snprintf
__crt_debugger_hook
__crtUnhandledException
_purecall
__crtCaptureCurrentContext
__crtCapturePreviousContext
_lock
_unlock
_calloc_crt
__dllonexit
__C_specific_handler
_onexit

msvcp120

?_Winerror_map@std@@YAPEBDH@Z
?_Syserror_map@std@@YAPEBDH@Z
??0id@locale@std@@QEAA@_K@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentThreadId
FormatMessageA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

02ec8c3949ca3ffd9950daa4f60503d0

Code Sign

12:f0:27:7e:0f:23:3b:39:f9:41:9b:06:e8:cd:e3:52Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

5f:c5:3f:46:79:7b:0b:ef:a9:91:b7:e0:6f:a6:d2:60:6c:68:aa:daSigner

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

user32

msvcr120

msvcp120

kernel32

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 3KB - Virtual size: 5KB

.pdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 140B

12:f0:27:7e:0f:23:3b:39:f9:41:9b:06:e8:cd:e3:52
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

5f:c5:3f:46:79:7b:0b:ef:a9:91:b7:e0:6f:a6:d2:60:6c:68:aa:da
Signer

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 3KB - Virtual size: 5KB

.pdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 140B