Static task: static1
Behavioral task: behavioral1
  Sample: 3bb8179100dd9c_JC.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 3bb8179100dd9c_JC.exe
  Resource: win10v2004-20230703-en
General
Target: 3bb8179100dd9c_JC.exe
Size: 1.9MB
MD5: 3bb8179100dd9c80e9d2594714b2c64b
SHA1: 6ca324278741c7df900e078321c8d250d3af5f9b
SHA256: 3d8f1c00330dd66afa07431fac1e188003bdc6c3965a846b0ee76979bb9b4877
SHA512: 6f6d2c8704bb3cf0ecbcc241e9918de96aa12d53bd6a0cf031dd30693c003f3c855bfb4ddb0d0065e5962c1879d3e649d3d807479457a33882e8375605bc8af2
SSDEEP: 49152:Yt3403dJNRUa4P/MS5aQDnsANwM9mPFBrFOwV431rFI8J1rxuRcR3US+:03dJNRUa4P/MS9nsANwM9mPFBVAFI8Jy
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 3bb8179100dd9c_JC.exe
Files
3bb8179100dd9c_JC.exe.exe  windows x86  275f44abfa37bfc7435152ab95db077a (unlabelled on the page; presumably the import hash)
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
Imports
gdiplus
GdipDeletePen
GdipSetPenDashStyle
GdipCreatePen1
GdipReleaseDC
GdipSetSmoothingMode
GdipTranslateWorldTransform
GdipSetPageUnit
GdipDrawBeziers
GdiplusStartup
GdipCreateFromHDC
GdiplusShutdown
GdipDeleteGraphics
kernel32
GetSystemInfo
VirtualQuery
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetFileType
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringW
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetCurrentDirectoryA
GetDriveTypeA
CreateFileA
SetEnvironmentVariableA
SetStdHandle
ExitProcess
Sleep
HeapReAlloc
RtlUnwind
RaiseException
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
SetErrorMode
FindResourceExW
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetTickCount
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalGetAtomNameW
GetDiskFreeSpaceW
GetTempFileNameW
GetFileSizeEx
GetFileAttributesW
SetFileAttributesW
GetShortPathNameW
VirtualAlloc
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpiW
GetStringTypeExW
MoveFileW
GetThreadLocale
lstrlenA
VirtualProtect
GetCurrentProcessId
LocalFree
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GetModuleHandleA
lstrcmpA
GetLocaleInfoA
DeleteFileW
GetCurrentThreadId
WideCharToMultiByte
CreateDirectoryW
CreateProcessW
FreeResource
lstrcpynW
lstrcmpW
FindClose
GetPrivateProfileIntW
lstrcpyW
FreeLibrary
LoadLibraryW
GetWindowsDirectoryW
CopyFileW
InterlockedIncrement
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
GetLocalTime
GetFileTime
GetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
GetFullPathNameW
FindNextFileW
SetCurrentDirectoryW
GetCurrentDirectoryW
FindFirstFileW
FormatMessageW
GetModuleFileNameW
lstrlenW
SetLastError
InterlockedDecrement
GetCurrentProcess
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
HeapFree
GetProcessHeap
HeapAlloc
GetPrivateProfileStringW
WritePrivateProfileStringW
MulDiv
CloseHandle
GlobalFree
GlobalUnlock
WriteFile
CreateFileW
GlobalLock
GlobalAlloc
FindResourceW
LoadResource
LockResource
SizeofResource
GetVolumeInformationW
HeapSize
GetOEMCP
user32
GetNextDlgGroupItem
UnpackDDElParam
ReuseDDElParam
DestroyMenu
LoadAcceleratorsW
InsertMenuItemW
CreatePopupMenu
BringWindowToTop
TranslateAcceleratorW
CharUpperW
MapDialogRect
GetAsyncKeyState
SetRectEmpty
IsZoomed
LoadMenuW
GetMessageW
TranslateMessage
ValidateRect
SetWindowRgn
DrawIcon
GetWindowThreadProcessId
InsertMenuW
RemoveMenu
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
MoveWindow
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClassInfoExW
GetClassInfoW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
InvalidateRgn
CallWindowProcW
SetWindowPos
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
RegisterWindowMessageW
SetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
ScreenToClient
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetDCEx
GetWindow
GetClassLongW
IsRectEmpty
EndDeferWindowPos
BeginDeferWindowPos
GetSysColorBrush
IsChild
UpdateWindow
MessageBoxW
EnableMenuItem
GetSystemMenu
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
DrawStateW
SetTimer
KillTimer
SystemParametersInfoW
GetActiveWindow
wsprintfA
ModifyMenuW
GetMenuItemID
IsWindowVisible
DrawMenuBar
GetMenuState
SetMenuInfo
CheckMenuItem
GetDlgCtrlID
GetSubMenu
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemInfoW
EnumChildWindows
LoadStringW
wsprintfW
GetMenuStringW
CheckMenuRadioItem
AppendMenuW
CopyIcon
RedrawWindow
GetDlgItem
LoadBitmapW
SetWindowLongW
MessageBeep
IsWindow
GetFocus
SetWindowTextW
GetWindowLongW
GetParent
LoadCursorW
SetCursor
UnregisterClassW
DestroyWindow
SetCapture
RegisterClassW
DefWindowProcW
EndPaint
DrawFocusRect
SetRect
CharNextW
DestroyIcon
LockWindowUpdate
GetTabbedTextExtentA
PostThreadMessageW
CreateMenu
CopyAcceleratorTableW
BeginPaint
ReleaseCapture
ShowOwnedPopups
SetWindowContextHelpId
RegisterClipboardFormatW
PostQuitMessage
SetParent
DeleteMenu
GetWindowDC
WindowFromPoint
PostMessageW
ShowWindow
CreateWindowExW
DestroyCursor
CreateCursor
GetSystemMetrics
LoadIconW
DrawIconEx
GetWindowRect
SetCursorPos
ClientToScreen
GetKeyState
GetCursorPos
OffsetRect
SendMessageW
InvalidateRect
PtInRect
FillRect
GetSysColor
CopyRect
InflateRect
GetClientRect
FrameRect
ReleaseDC
GetDC
EnumDisplaySettingsW
GetMonitorInfoW
MonitorFromWindow
GetDesktopWindow
EnableWindow
GetMenu
gdi32
ExcludeClipRect
IntersectClipRect
SetTextAlign
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
StartDocW
Ellipse
PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
SetWindowOrgEx
ScaleWindowExtEx
GetCurrentPositionEx
ExtSelectClipRgn
CreatePatternBrush
GetClipBox
SetWorldTransform
DPtoLP
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
CreateEllipticRgn
LPtoDP
SetRectRgn
CombineRgn
GetMapMode
GetViewportOrgEx
GetBkColor
GetCharWidthW
StretchDIBits
GetNearestColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
GetWindowOrgEx
EnumFontFamiliesExW
GetRgnBox
ExtCreatePen
FillRgn
CreatePolygonRgn
GetTextColor
SetGraphicsMode
SetTextColor
SetStretchBltMode
SetROP2
CreateEnhMetaFileW
SelectObject
CreateCompatibleDC
GetObjectW
CreateSolidBrush
CreatePen
GetTextExtentPoint32W
SetPolyFillMode
SetBkMode
RestoreDC
GetDeviceCaps
SetPixel
GetPixel
EnumFontFamiliesW
CreateBitmap
StretchBlt
CreateRectRgnIndirect
GetCurrentObject
GetTextMetricsW
SetViewportExtEx
SetWindowExtEx
SetMapMode
CreateDIBSection
DeleteEnhMetaFile
GetEnhMetaFileW
PatBlt
ExtTextOutW
SetBkColor
Rectangle
LineTo
MoveToEx
CreateFontIndirectW
DeleteObject
TextOutW
CreateCompatibleBitmap
CreateFontW
GetDIBits
RealizePalette
SelectPalette
GetStockObject
CreateDCW
DeleteDC
CloseEnhMetaFile
BitBlt
SaveDC
comdlg32
GetFileTitleW
winspool.drv
ClosePrinter
OpenPrinterW
GetJobW
DocumentPropertiesW
advapi32
RegSetValueW
RegCreateKeyW
RegDeleteValueW
RegEnumKeyW
RegDeleteKeyW
GetFileSecurityW
SetFileSecurityW
RegOpenKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueW
shell32
SHBrowseForFolderW
SHGetPathFromIDListW
DragAcceptFiles
SHGetFileInfoW
DragFinish
DragQueryFileW
ExtractIconW
ShellExecuteW
comctl32
InitCommonControlsEx
shlwapi
PathIsDirectoryW
PathRemoveFileSpecW
PathFindExtensionW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathFindFileNameW
oledlg
OleUIBusyW
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleTranslateAccelerator
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
CoUninitialize
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CLSIDFromProgID
OleRun
CoCreateInstance
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
IsAccelerator
CoGetClassObject
oleaut32
VarUdateFromDate
SafeArrayDestroy
SysStringByteLen
SysStringLen
SysAllocStringByteLen
SafeArrayPutElement
SafeArrayCreate
VariantCopy
VariantInit
VariantChangeType
VariantClear
SysFreeString
SysAllocString
VarDateFromStr
SysAllocStringLen
SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
GetErrorInfo
iphlpapi
GetAdaptersInfo
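Reading a 550-entry import table by eye is how analysts miss what matters and flag what does not. In this table kernel32!IsDebuggerPresent and user32!SetWindowsHookExW look like anti-debugging and key logging, but they are what the MSVC CRT and a statically linked MFC framework import on their own (MFC subclasses the windows it creates through a WH_CBT hook, and the CRT's unhandled-exception path calls IsDebuggerPresent), whereas iphlpapi!GetAdaptersInfo, advapi32!SetFileSecurityW, kernel32!SetFileTime and the advapi32 registry-write set are the imports worth carrying into the behavioural run. The Python below is an added example, not part of the report or of the sandbox: IMPORTS is a subset transcribed from the table above, and the capability map, the boilerplate list and the static-MFC fingerprint are this example's own heuristics.

```python
"""Import-table triage for a PE static report (added example, not the sandbox's code)."""

# Subset transcribed from the report's import table (constructed test input).
IMPORTS = {
    "kernel32": ["GetSystemInfo", "VirtualQuery", "IsDebuggerPresent",
                 "SetUnhandledExceptionFilter", "UnhandledExceptionFilter",
                 "VirtualAlloc", "VirtualProtect", "LoadLibraryA", "LoadLibraryW",
                 "GetProcAddress", "CreateProcessW", "SetFileTime", "CopyFileW",
                 "MoveFileW", "DeleteFileW", "GetWindowsDirectoryW"],
    "user32": ["SetWindowsHookExW", "UnhookWindowsHookEx", "CallNextHookEx",
               "UnpackDDElParam", "GetNextDlgGroupItem"],
    "advapi32": ["RegSetValueExW", "RegCreateKeyExW", "RegDeleteKeyW",
                 "RegDeleteValueW", "GetFileSecurityW", "SetFileSecurityW"],
    "shell32": ["ShellExecuteW"],
    "iphlpapi": ["GetAdaptersInfo"],
    "oledlg": ["OleUIBusyW"],
}

# Heuristic capability map (this example's own, not a published taxonomy).
CAPABILITIES = {
    "process_creation": {"kernel32!CreateProcessW", "shell32!ShellExecuteW"},
    "registry_write": {"advapi32!RegSetValueExW", "advapi32!RegSetValueW",
                       "advapi32!RegCreateKeyExW", "advapi32!RegDeleteKeyW",
                       "advapi32!RegDeleteValueW"},
    "file_acl_change": {"advapi32!SetFileSecurityW"},
    "file_timestamp_change": {"kernel32!SetFileTime"},
    "network_enumeration": {"iphlpapi!GetAdaptersInfo"},
    "windows_hook": {"user32!SetWindowsHookExW"},
    "memory_protection_change": {"kernel32!VirtualProtect"},
    "dynamic_api_resolution": {"kernel32!LoadLibraryA", "kernel32!GetProcAddress"},
    "anti_debug": {"kernel32!IsDebuggerPresent"},
}

# Emitted by CRT start-up / MFC framework code regardless of what the program does:
# the CRT calls IsDebuggerPresent on its unhandled-exception path and resolves APIs
# through GetProcAddress; MFC installs a WH_CBT hook (SetWindowsHookExW) to subclass
# every window it creates.
CRT_MFC_NOISE = {"kernel32!IsDebuggerPresent", "kernel32!SetUnhandledExceptionFilter",
                 "kernel32!UnhandledExceptionFilter", "kernel32!GetProcAddress",
                 "kernel32!LoadLibraryA", "user32!SetWindowsHookExW"}

# Helpers characteristic of MFC's OLE/dialog support; present with no mfc*.dll import
# they are the fingerprint of a statically linked MFC build (heuristic).
MFC_MARKERS = {"oledlg!OleUIBusyW", "user32!UnpackDDElParam", "user32!GetNextDlgGroupItem"}


def flatten(imports):
    """{dll: [func, ...]} -> {"dll!func", ...} with DLL names lower-cased."""
    return {f"{dll.lower()}!{fn}" for dll, fns in imports.items() for fn in fns}


def looks_like_static_mfc(imports):
    has_mfc_dll = any(dll.lower().startswith("mfc") for dll in imports)
    return not has_mfc_dll and MFC_MARKERS <= flatten(imports)


def triage_imports(imports):
    """Return {capability: {"apis": [...], "evidence": "strong" | "crt_mfc_boilerplate"}}.

    A capability whose only hits are CRT/MFC boilerplate is reported but marked
    so that it is not mistaken for analyst-grade evidence.
    """
    apis = flatten(imports)
    report = {}
    for cap, needles in CAPABILITIES.items():
        hits = sorted(needles & apis)
        if not hits:
            continue
        boilerplate = all(h in CRT_MFC_NOISE for h in hits)
        report[cap] = {"apis": hits,
                       "evidence": "crt_mfc_boilerplate" if boilerplate else "strong"}
    return report


if __name__ == "__main__":
    print("static MFC build:", looks_like_static_mfc(IMPORTS))
    for cap, r in triage_imports(IMPORTS).items():
        print(f"{cap:26} {r['evidence']:20} {', '.join(r['apis'])}")
```

Feed it the full table from a real parser (pefile's `DIRECTORY_ENTRY_IMPORT`, for instance) rather than a transcription, and extend CRT_MFC_NOISE from a known-benign MFC binary built with the same toolchain before trusting any "strong" verdict.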
Sections
.text   size 1.3MB  virtual size 1.3MB  IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  size 286KB  virtual size 286KB  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data   size 19KB   virtual size 39KB   IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc   size 316KB  virtual size 315KB  IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
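The "Unsigned PE" signature, the Headers block and the section table all come from the same few hundred bytes of PE header. The stdlib-only Python below is an added example, not Triage's code, and the minimal image it builds for itself is a constructed stand-in, not the report's sample: it reads the File and DLL Characteristics, the section table, and data directory 4 (the Authenticode certificate table), which is what "checks for missing Authenticode signature" tests. Two caveats a practitioner wants here. An empty security directory does mean unsigned, but a populated one only means a certificate table exists; validity still has to come from WinVerifyTrust or `signtool verify`. And IMAGE_FILE_RELOCS_STRIPPED with no IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE, as reported for this file, means the loader cannot rebase the image, so it runs without ASLR. The .data raw/virtual gap (19KB vs 39KB) is the ordinary zero-filled tail of uninitialised globals, not a packer signal; a packed image typically shows a near-empty raw code section instead.

```python
"""Stdlib-only PE header inspector (added example, not the sandbox's code)."""
import struct

FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
DLL_CHARACTERISTICS = {
    0x0040: "IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE",
    0x0100: "IMAGE_DLLCHARACTERISTICS_NX_COMPAT",
    0x8000: "IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE",
}
SECTION_FLAGS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def _flags(value, table):
    return [name for bit, name in table.items() if value & bit]


def inspect_pe(data: bytes) -> dict:
    """Parse DOS, NT and section headers; section contents are never read."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4                                   # IMAGE_FILE_HEADER
    _, nsec, _, _, _, opt_size, fchar = struct.unpack_from("<HHIIIHH", data, fh)
    oh = fh + 20                                        # IMAGE_OPTIONAL_HEADER
    pe32plus = struct.unpack_from("<H", data, oh)[0] == 0x20B
    dllchar = struct.unpack_from("<H", data, oh + 70)[0]
    # PE32+ widens ImageBase and the stack/heap fields, pushing the directories 16 bytes down
    ndirs = struct.unpack_from("<I", data, oh + (108 if pe32plus else 92))[0]
    dirs = oh + (112 if pe32plus else 96)
    cert_off = cert_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory "VirtualAddress" is a raw file offset of a WIN_CERTIFICATE, not an RVA
        cert_off, cert_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsec):
        name, vsize, _, rsize, _, _, _, _, _, ch = struct.unpack_from(
            "<8sIIIIIIHHI", data, oh + opt_size + 40 * i)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "raw_size": rsize, "virtual_size": vsize,
                         "flags": _flags(ch, SECTION_FLAGS)})
    return {
        "file_characteristics": _flags(fchar, FILE_CHARACTERISTICS),
        "dll_characteristics": _flags(dllchar, DLL_CHARACTERISTICS),
        "has_authenticode_dir": cert_off != 0 and cert_size != 0,
        # RELOCS_STRIPPED with no DYNAMIC_BASE: the loader cannot rebase the image, so no ASLR
        "aslr_capable": bool(dllchar & 0x0040) and not (fchar & 0x0001),
        "sections": sections,
    }


def build_sample(signed: bool) -> bytes:
    """Constructed minimal PE32 image (not the report's sample) carrying the report's
    File/DLL Characteristics and section flags, with sizes rounded to match its table."""
    sections = [  # name, virtual size, raw size, characteristics
        (b".text", 0x14C000, 0x14C000, 0x60000020),
        (b".rdata", 0x47800, 0x47800, 0x40000040),
        (b".data", 0x9C00, 0x4C00, 0xC0000040),        # zero-filled tail: virtual > raw
        (b".rsrc", 0x4EC00, 0x4F000, 0x40000040),
    ]
    opt = bytearray(224)                               # IMAGE_OPTIONAL_HEADER32
    struct.pack_into("<H", opt, 0, 0x10B)              # PE32 magic
    struct.pack_into("<H", opt, 70, 0x8000)            # TERMINAL_SERVER_AWARE only
    struct.pack_into("<I", opt, 92, 16)                # NumberOfRvaAndSizes
    hdr_len = 0x40 + 4 + 20 + len(opt) + 40 * len(sections)
    cert = b""
    if signed:
        blob = b"\x30\x82\x01\x00"                     # placeholder bytes, not a real PKCS#7 SignedData
        cert = struct.pack("<IHH", 8 + len(blob), 0x0200, 0x0002) + blob   # WIN_CERTIFICATE header
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, hdr_len, len(cert))
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, len(opt), 0x0103)
    sec_hdrs = b"".join(struct.pack("<8sIIIIIIHHI", n, vs, 0, rs, 0, 0, 0, 0, 0, ch)
                        for n, vs, rs, ch in sections)
    dos = b"MZ" + bytes(0x3A) + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    return dos + b"PE\0\0" + file_hdr + bytes(opt) + sec_hdrs + cert


if __name__ == "__main__":
    import sys
    info = inspect_pe(open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample(signed=False))
    print("certificate table present" if info["has_authenticode_dir"] else "unsigned PE", "| ASLR:", info["aslr_capable"])
    print(info["file_characteristics"], info["dll_characteristics"])
    for s in info["sections"]:
        print(f"{s['name']:8}raw {s['raw_size']:>8} virt {s['virtual_size']:>8}  {', '.join(s['flags'])}")
```

Run it with a file path to inspect a real binary; with no argument it parses its own constructed image. The section parser deliberately reads only headers, so it is safe to point at untrusted samples, but it also trusts the header's NumberOfSections and SizeOfOptionalHeader, so add bounds checks before using it on deliberately malformed files.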