Static task: static1
Behavioral task: behavioral1
  Sample: 1b3b2f703eabf1exe_JC.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 1b3b2f703eabf1exe_JC.exe
  Resource: win10v2004-20230703-en
General
- Target: 1b3b2f703eabf1exe_JC.exe
- Size: 876KB
- MD5: 1b3b2f703eabf110cd125f43978615cd
- SHA1: 67cf06744c67143eb207e774c7b262bb8e729a53
- SHA256: 130fe5fe27a6daca528fe0995f54471ddf1995c8085d30ce68be3ccaa9ef34ff
- SHA512: 362f9607f97cd98e5d09e2740b23ba61b5ea65d5fb8d75181c4527abf0e524b144d0ae68f43f4225f08786355e38c64d0dd5552613d8d94b08f4e46ace2279cd
- SSDEEP: 12288:QvS7JgB1XISyk3iyfUyQtItz/tcANqz2RFODWfrE9ITs2Xxq/A7:QaVgQSB3i4UPtItzlFrLTnqs
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource: 1b3b2f703eabf1exe_JC.exe
Files
- 1b3b2f703eabf1exe_JC.exe.exe (windows x86)
  69c3dae607280b7e25f78bf1cd68bd1a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetCurrentDirectoryA
GetDriveTypeA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetCPInfo
GetOEMCP
GetTimeZoneInformation
SetUnhandledExceptionFilter
GetDateFormatA
GetTimeFormatA
IsBadWritePtr
LCMapStringW
LCMapStringA
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameA
GetStdHandle
HeapSize
GetFileType
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
TerminateProcess
GetDriveTypeW
OutputDebugStringA
CreateFileA
OutputDebugStringW
EnumSystemLocalesW
GetDateFormatW
GetTimeFormatW
GetWindowsDirectoryW
GetLocalTime
CreateThread
ExitThread
HeapReAlloc
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
RtlUnwind
GetStartupInfoW
FindResourceExW
SetErrorMode
LocalFileTimeToFileTime
SystemTimeToFileTime
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
InterlockedIncrement
GetCurrentDirectoryW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GlobalFlags
VirtualProtect
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
LocalAlloc
LocalLock
LocalUnlock
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetStringTypeExW
DeleteFileW
MoveFileW
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GlobalGetAtomNameW
InterlockedDecrement
GlobalFindAtomW
GetModuleHandleA
LoadLibraryA
lstrcatW
GetVersionExA
GlobalSize
RaiseException
ResumeThread
GlobalFree
FreeResource
GlobalAddAtomW
GetCurrentThread
InterlockedExchange
GetCurrentThreadId
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcpyW
LoadLibraryW
GetLocaleInfoW
GlobalUnlock
GlobalLock
lstrcmpW
MulDiv
GetDefaultCommConfigW
CancelIo
SetLastError
WaitCommEvent
GetOverlappedResult
WriteFile
ReadFile
CreateFileW
GetLastError
FormatMessageW
LocalFree
BuildCommDCBW
GetCommModemStatus
SetCommMask
PurgeComm
SetCommState
GetCommState
SetCommTimeouts
WideCharToMultiByte
lstrcpynA
lstrlenA
ResetEvent
GetTickCount
lstrcpynW
SetEvent
Sleep
CloseHandle
CreateEventW
WaitForSingleObject
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFileAttributesW
SetCurrentDirectoryW
lstrcmpiW
lstrlenW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
user32
GetTabbedTextExtentW
FindWindowW
DrawIcon
SetWindowRgn
GetSysColorBrush
GetAsyncKeyState
MapDialogRect
GetMenuItemInfoW
GetDialogBaseUnits
MessageBeep
GetDCEx
LockWindowUpdate
CopyAcceleratorTableW
CreateMenu
IsClipboardFormatAvailable
LoadCursorW
DestroyCursor
UpdateWindow
SetForegroundWindow
PostThreadMessageW
GetParent
EnableWindow
GetForegroundWindow
IsChild
SendDlgItemMessageA
RemovePropW
GetPropW
SetPropW
SendMessageW
GetSysColor
IsWindow
InvalidateRect
SetTimer
KillTimer
PostMessageW
IsZoomed
LoadIconW
GetWindowRect
GetDC
ReleaseDC
GetFocus
GetDlgItem
SendMessageTimeoutW
MessageBoxW
InflateRect
DrawEdge
GetClientRect
RedrawWindow
SystemParametersInfoW
CopyRect
PtInRect
MapWindowPoints
GetWindowLongW
DrawFocusRect
CreatePopupMenu
AppendMenuW
GetMenuItemCount
CallWindowProcW
SetWindowLongW
PostQuitMessage
EndDialog
GetNextDlgTabItem
IsWindowEnabled
DestroyWindow
CreateDialogIndirectParamW
GetSystemMetrics
SetActiveWindow
GetActiveWindow
GetClassNameW
GetClassLongW
GetClassInfoExW
CreateWindowExW
GetCapture
WinHelpW
RegisterWindowMessageW
wsprintfW
DestroyMenu
LoadAcceleratorsW
LoadMenuW
DestroyIcon
DefFrameProcW
DefMDIChildProcW
DrawMenuBar
BringWindowToTop
TranslateMDISysAccel
TranslateAcceleratorW
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
ClientToScreen
GetWindowDC
SetCursorPos
SetCapture
WindowFromPoint
SetRect
CharUpperW
SetParent
GetSystemMenu
DeleteMenu
IsRectEmpty
UnpackDDElParam
ReuseDDElParam
ReleaseCapture
InsertMenuItemW
SetRectEmpty
SetMenu
EndPaint
GetTabbedTextExtentA
RegisterClipboardFormatW
BeginPaint
GetDesktopWindow
LoadBitmapW
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
GetMenuState
GetLastActivePopup
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
GetMenu
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
GetClassInfoW
RegisterClassW
SetWindowPlacement
DefWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindow
GetWindowTextLengthW
GetWindowTextW
SetWindowPos
SetFocus
ShowWindow
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SendDlgItemMessageW
GetMenuStringW
GetMenuItemID
InsertMenuW
GetSubMenu
RemoveMenu
UnregisterClassW
ShowOwnedPopups
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
LoadImageW
CopyIcon
LoadStringW
DrawIconEx
DrawStateW
DrawFrameControl
SetClipboardData
CloseClipboard
OpenClipboard
GetClipboardData
SendMessageA
PostMessageA
CharToOemW
GetWindowLongA
GetWindowTextA
PostThreadMessageA
GetClassNameA
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
ModifyMenuW
gdi32
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
PatBlt
CreateRectRgnIndirect
CreateDCW
CopyMetaFileW
GetDeviceCaps
CreateCompatibleDC
CreateBitmap
GetObjectW
CreateFontIndirectW
GetTextExtentPoint32W
CreateSolidBrush
SelectPalette
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
CreateCompatibleBitmap
StretchDIBits
GetCharWidthW
CreateFontW
GetBkColor
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetTextMetricsW
GetViewportOrgEx
Rectangle
CreateEllipticRgn
LPtoDP
Ellipse
SetRectRgn
CombineRgn
GetMapMode
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetViewportExtEx
GetTextColor
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
GetWindowOrgEx
EnumFontFamiliesExW
CreateMetaFileW
CloseMetaFile
DeleteMetaFile
GetWindowExtEx
BitBlt
SetBkMode
StartDocW
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetPolyFillMode
SetROP2
SetStretchBltMode
SetMapMode
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
DeleteObject
StretchBlt
GetMetaFileBitsEx
SetMetaFileBitsEx
GetTextExtentPointW
SetDIBColorTable
GetDIBColorTable
GetObjectA
Polyline
GetDIBits
SetDIBits
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
DeleteDC
SelectClipRgn
CreateRectRgn
GetPixel
CreatePatternBrush
GetStretchBltMode
PlayMetaFileRecord
GetStockObject
comdlg32
GetFileTitleW
CommDlgExtendedError
FindTextW
ReplaceTextW
PrintDlgW
ChooseFontW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
winspool.drv
ClosePrinter
DocumentPropertiesW
OpenPrinterW
GetJobW
advapi32
GetUserNameW
RegDeleteValueW
RegCreateKeyExW
GetFileSecurityW
SetFileSecurityW
RegCreateKeyW
RegSetValueExW
RegSetValueW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
shell32
SHGetFileInfoW
DragQueryFileW
DragFinish
ExtractIconW
ShellExecuteExW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW
ShellExecuteW
DragAcceptFiles
comctl32
CreatePropertySheetPageW
DestroyPropertySheetPage
PropertySheetW
ImageList_GetImageInfo
ord17
ImageList_Destroy
ImageList_DrawEx
ImageList_Draw
shlwapi
PathIsUNCW
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoCreateInstance
CoInitialize
CoGetClassObject
CoUninitialize
OleUninitialize
OleInitialize
oleaut32
VarBstrFromCy
SysAllocString
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
VarUdateFromDate
SafeArrayUnaccessData
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
VerQueryValueA
Sections
- .text  Size: 508KB - Virtual size: 504KB
  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
- .rdata Size: 200KB - Virtual size: 197KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
- .data  Size: 12KB - Virtual size: 30KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
- .rsrc  Size: 152KB - Virtual size: 148KB
  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ