Static task: static1
Behavioral task: behavioral1 (Sample: 552467cc93c893_JC.exe; Resource: win7-20230712-en)
Behavioral task: behavioral2 (Sample: 552467cc93c893_JC.exe; Resource: win10v2004-20230703-en)
General
Target: 552467cc93c893_JC.exe
Size: 1.3MB
MD5: 552467cc93c893d3133e4cbe24162daa
SHA1: 7b89c2f3c5ea3f021ffe6c529025e1c114b23ea5
SHA256: 494c0593b637342b2002aac6d81e7310ed19d704f6998ba5bef55d28013e685f
SHA512: eee82607b6d04f75fab0da8b015b01af48b30482d01e174c56c5b21e1530da831e0cec826644fd58f8d54a601d8eb44d0d6223dac40f82807985ed472a9bf84d
SSDEEP: 24576:q5FimGB0H3BU3K/eFQ6cVLWxwk9uACjN7Fa3XxgCsV:qS52H3Bm6m8a3BgCs
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
resource: 552467cc93c893_JC.exe
Files
552467cc93c893_JC.exe (.exe, windows x86)
imphash: 390bd8bb55e8fe468504061bc241cb75
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalGetAtomNameA
LockFile
UnlockFile
DuplicateHandle
GetCurrentProcess
GetFullPathNameA
lstrcmpA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GlobalFlags
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
InterlockedIncrement
GetCPInfo
GetOEMCP
SetErrorMode
RtlUnwind
ExitProcess
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
GlobalAddAtomA
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
HeapReAlloc
SetStdHandle
GetFileType
HeapSize
QueryPerformanceCounter
GetStringTypeA
GetStringTypeW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetTimeZoneInformation
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
UnmapViewOfFile
CreateFileMappingA
MapViewOfFile
GetFileInformationByHandle
InterlockedDecrement
GetCurrentDirectoryA
LocalFileTimeToFileTime
RaiseException
FindFirstChangeNotificationA
FindCloseChangeNotification
FindNextChangeNotification
ResetEvent
GetOverlappedResult
GetCommTimeouts
SetCommTimeouts
WaitCommEvent
SetCommMask
GetCommState
SetCommState
SetupComm
GetDefaultCommConfigA
SetCommConfig
CancelIo
GetSystemDirectoryA
GetVolumeInformationA
GetWindowsDirectoryA
FreeResource
ClearCommError
EscapeCommFunction
LocalAlloc
ResumeThread
TerminateThread
MoveFileA
GlobalSize
GetTempPathA
RemoveDirectoryA
GetCurrentProcessId
SystemTimeToTzSpecificLocalTime
CompareFileTime
SystemTimeToFileTime
LoadLibraryA
GetProcAddress
FreeLibrary
FileTimeToLocalFileTime
CreateMutexA
SetFileTime
GetPrivateProfileStructA
FileTimeToSystemTime
GetExitCodeProcess
GetFileSize
SetEndOfFile
SetLastError
SetFilePointer
CreateDirectoryA
DeleteCriticalSection
InitializeCriticalSection
FlushFileBuffers
OpenFile
GlobalReAlloc
_lclose
_llseek
_lread
GlobalFree
GlobalAlloc
CopyFileA
SetFileAttributesA
DeleteFileA
FindNextFileA
GetFileAttributesA
FindFirstFileA
FindClose
GetFileTime
CreateThread
WaitForMultipleObjects
TerminateProcess
ConnectNamedPipe
SetEvent
ReadFile
CreateFileA
WriteFile
CreateNamedPipeA
CreateEventA
CreateProcessA
MulDiv
lstrcpyA
GlobalLock
GlobalUnlock
CompareStringW
CompareStringA
EnterCriticalSection
LeaveCriticalSection
lstrlenA
lstrcmpiA
GetVersion
MultiByteToWideChar
GetModuleFileNameA
GetCurrentThreadId
Sleep
WaitForSingleObject
CloseHandle
GetModuleHandleA
WritePrivateProfileStructA
GetLastError
FormatMessageA
LocalFree
GetLocalTime
GetTickCount
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WritePrivateProfileStringA
GetPrivateProfileStringA
VirtualQuery
GetPrivateProfileIntA
user32
PostThreadMessageA
SetWindowContextHelpId
MapDialogRect
GetMessageA
ValidateRect
PostQuitMessage
DestroyMenu
GetWindowDC
ClientToScreen
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
LoadBitmapA
SetDlgItemTextA
RegisterWindowMessageA
WinHelpA
GetCapture
CreateWindowExA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
IsChild
GetWindowTextLengthA
GetLastActivePopup
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
UpdateWindow
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
SetWindowPlacement
DefWindowProcA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetActiveWindow
CreateDialogIndirectParamA
IsWindowEnabled
EndDialog
MessageBoxA
EnumWindows
RegisterClipboardFormatA
ScreenToClient
LoadMenuA
UnregisterClassA
GetClipboardData
SendMessageW
GetDesktopWindow
wsprintfA
GetDlgItemTextA
DrawFocusRect
PtInRect
GetKeyboardLayoutNameA
LoadKeyboardLayoutA
UnloadKeyboardLayout
VkKeyScanExA
SetCursorPos
mouse_event
DrawFrameControl
InflateRect
CopyRect
GetSysColor
FrameRect
VkKeyScanA
MapVirtualKeyA
keybd_event
DestroyWindow
EnumChildWindows
SetWindowTextA
GetKeyState
SetRect
UnhookWindowsHookEx
SetWindowsHookExA
SetActiveWindow
GetSystemMetrics
EnableWindow
SendMessageA
SendDlgItemMessageA
IsWindow
PostMessageA
GetParent
CharUpperA
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
TranslateMessage
IsDialogMessageA
GetDlgCtrlID
SetFocus
AttachThreadInput
ShowWindow
GetWindow
GetClassNameA
GetForegroundWindow
SetForegroundWindow
GetNextDlgTabItem
GetFocus
InvalidateRect
IsIconic
GetSystemMenu
GetMenu
GetSubMenu
GetMenuState
EnableMenuItem
GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
CheckMenuItem
DeleteMenu
DrawIcon
GetAsyncKeyState
CallNextHookEx
DestroyIcon
FindWindowA
GetCursorPos
WindowFromPoint
GetWindowThreadProcessId
ReleaseCapture
LoadCursorA
CharNextA
MessageBeep
GetSysColorBrush
MoveWindow
DispatchMessageA
PeekMessageA
LoadImageA
ReleaseDC
GetDC
FillRect
CreatePopupMenu
AppendMenuA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetCursor
SetWindowLongA
RedrawWindow
CallWindowProcA
EndPaint
GetWindowTextA
GetClientRect
BeginPaint
GetWindowLongA
GetDlgItem
SetRectEmpty
IsRectEmpty
GetWindowRect
SetTimer
KillTimer
SetWindowPos
IsWindowVisible
SetCapture
LoadIconA
GetClassLongA
gdi32
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
SetViewportExtEx
CreateRectRgnIndirect
GetRgnBox
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
CreateFontIndirectA
Ellipse
GetBkColor
GetDIBits
FillRgn
CreatePolygonRgn
CreateBrushIndirect
SetAbortProc
StartDocA
StartPage
EndPage
EndDoc
CreateDCA
CreateSolidBrush
StretchDIBits
SetTextColor
SetBkMode
GetTextExtentPointA
MoveToEx
LineTo
Polyline
CreatePen
Polygon
GetStockObject
GetTextMetricsA
Rectangle
LPtoDP
DPtoLP
GetTextColor
GetDeviceCaps
CreateDIBSection
DeleteObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetDIBColorTable
SelectObject
DeleteDC
StretchBlt
BitBlt
GetMapMode
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap
GetClipBox
comdlg32
GetFileTitleA
PrintDlgA
GetSaveFileNameA
ChooseFontA
ChooseColorA
GetOpenFileNameA
winspool.drv
OpenPrinterA
DocumentPropertiesA
ClosePrinter
advapi32
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegCloseKey
RegDeleteValueA
RegQueryValueA
shell32
SHBrowseForFolderA
SHGetSpecialFolderPathA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteExA
comctl32
ord17
shlwapi
PathIsUNCA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
UrlEscapeA
oledlg
ord8
ole32
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoUninitialize
CoGetClassObject
CoFreeUnusedLibraries
CoRegisterMessageFilter
OleFlushClipboard
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
OleInitialize
CoCreateInstance
OleIsCurrentClipboard
CoRevokeClassObject
CreateStreamOnHGlobal
CoCreateGuid
CreateILockBytesOnHGlobal
OleUninitialize
oleaut32
VarBstrFromDate
OleLoadPicture
SysAllocString
VariantClear
SysAllocStringLen
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
VarDateFromStr
SafeArrayDestroy
OleCreateFontIndirect
VariantTimeToSystemTime
SysFreeString
VariantCopy
SystemTimeToVariantTime
ws2_32
bind
WSAGetLastError
recvfrom
socket
setsockopt
inet_addr
htons
sendto
closesocket
gethostbyname
inet_ntoa
WSACleanup
WSAStartup
wininet
InternetCheckConnectionA
InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile
gdiplus
GdipAlloc
GdipDrawImageI
GdipGetImageGraphicsContext
GdipFree
GdiplusShutdown
GdiplusStartup
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipDeleteGraphics
GdipCloneImage
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
mpr
WNetGetConnectionA
WNetAddConnection2A
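The import table above is what a static-analysis tool condenses into an imphash and what an analyst scans for capability clusters (keyboard and mouse injection, window hooks, UDP sockets, WinINet downloads, named pipes, registry writes, dynamic API resolution). The Python block below is an added example and is not part of this report or of any tool it names. It reimplements the imphash normalisation the way pefile's get_imphash does it (DLL name lowercased with .dll/.ocx/.sys stripped, function names lowercased, unresolved ordinals written as ordN, entries joined by commas and MD5-hashed) and applies a small set of heuristic rules to a constructed excerpt of this sample's imports. The excerpt is partial and the report's listing order is not guaranteed to be import-table order, so the value it computes is not expected to match the imphash listed under Files; the rule names and thresholds are this example's own assumptions, and every API in them is also used by ordinary MFC applications, so a hit is a prompt for a closer look, not a verdict.

```python
import hashlib

# pefile strips only these extensions from the DLL name when building an imphash,
# so "winspool.drv" keeps its extension (assumption: matches pefile.get_imphash).
IMPHASH_STRIP_EXTENSIONS = ("dll", "ocx", "sys")

# Heuristic capability clusters (this example's own rules): every API in the set
# must be imported for the tag to fire. These are ordinary Win32/MFC APIs, so a
# tag is a prompt for the analyst, not a verdict.
CAPABILITY_RULES = {
    "input injection (keybd_event/mouse_event)": {"keybd_event", "mouse_event"},
    "windows hook (SetWindowsHookExA/CallNextHookEx)": {"SetWindowsHookExA", "CallNextHookEx"},
    "polls key state (GetAsyncKeyState)": {"GetAsyncKeyState"},
    "UDP socket I/O (socket/sendto/recvfrom)": {"socket", "sendto", "recvfrom"},
    "HTTP download (InternetOpenUrlA/InternetReadFile)": {"InternetOpenUrlA", "InternetReadFile"},
    "process creation (CreateProcessA)": {"CreateProcessA"},
    "named pipe server (CreateNamedPipeA/ConnectNamedPipe)": {"CreateNamedPipeA", "ConnectNamedPipe"},
    "registry write (RegCreateKeyExA/RegSetValueExA)": {"RegCreateKeyExA", "RegSetValueExA"},
    "dynamic API resolution (LoadLibraryA/GetProcAddress)": {"LoadLibraryA", "GetProcAddress"},
    "network share access (WNetAddConnection2A)": {"WNetAddConnection2A"},
}

# Constructed excerpt of the sample's import table, in report order.
# Imports by ordinal are given as ints (comctl32 ord17 in the report).
SAMPLE_IMPORTS = [
    ("kernel32", ["LoadLibraryA", "GetProcAddress", "CreateProcessA",
                  "CreateNamedPipeA", "ConnectNamedPipe"]),
    ("user32", ["SetWindowsHookExA", "CallNextHookEx", "GetAsyncKeyState",
                "keybd_event", "mouse_event"]),
    ("advapi32", ["RegSetValueExA", "RegCreateKeyExA"]),
    ("winspool.drv", ["OpenPrinterA"]),
    ("comctl32", [17]),
    ("ws2_32", ["socket", "sendto", "recvfrom"]),
    ("wininet", ["InternetOpenUrlA", "InternetReadFile"]),
    ("mpr", ["WNetAddConnection2A"]),
]


def imphash_entries(imports):
    """Normalise (dll, [func|ordinal, ...]) pairs into pefile-style 'dll.func' entries."""
    entries = []
    for dll, funcs in imports:
        lib = dll.lower()
        base, dot, ext = lib.rpartition(".")
        if dot and ext in IMPHASH_STRIP_EXTENSIONS:
            lib = base
        for func in funcs:
            name = f"ord{func}" if isinstance(func, int) else func.lower()
            entries.append(f"{lib}.{name}")
    return entries


def imphash(imports):
    """MD5 over the comma-joined normalised entries; order-sensitive by design."""
    return hashlib.md5(",".join(imphash_entries(imports)).encode("ascii")).hexdigest()


def triage_imports(imports):
    """Return the capability tags whose full API set appears in the import list."""
    present = {f for _, funcs in imports for f in funcs if isinstance(f, str)}
    return [tag for tag, needed in CAPABILITY_RULES.items() if needed <= present]


if __name__ == "__main__":
    print("imphash of excerpt:", imphash(SAMPLE_IMPORTS))
    for tag in triage_imports(SAMPLE_IMPORTS):
        print("  -", tag)
```

Because the hash is order-sensitive and ordinal-resolution-sensitive, two tools can disagree on an imphash for the same file; when comparing against a reported value, compute it from the binary with the same tool that produced the report rather than from a listing.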
Sections
.text: Size 944KB, Virtual size 942KB; IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
.rdata: Size 184KB, Virtual size 181KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
.data: Size 16KB, Virtual size 38KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
.rsrc: Size 204KB, Virtual size 201KB; IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
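The "Unsigned PE" signature under Signatures and the Headers/Sections data above all come straight out of the PE headers: the Characteristics word of IMAGE_FILE_HEADER, the section table, and the fifth data directory (index 4, the Authenticode security directory, whose size is zero when no signature blob is embedded). The Python block below is an added example, not the sandbox's own check: a pure-Python header parser with no third-party dependency, plus a builder for a synthetic header-only PE32 image (constructed test input, not this sample) so the check can run offline. Two caveats a practitioner would want: a non-zero security directory only means a signature blob is present, and validity still has to be established with WinVerifyTrust or signtool verify; and the writable-plus-executable section check is a heuristic of this example, not something the report asserts.

```python
import struct

# Subset of the winnt.h flag bits that appear in the report above.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory holding the Authenticode blob


def flag_names(value, table):
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS/NT headers and the section table of a PE image (bytes) into a summary."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    fh = e_lfanew + 4                                   # IMAGE_FILE_HEADER, 20 bytes
    machine, nsections, _, _, _, opt_size, chars = struct.unpack_from("<HHIIIHH", data, fh)
    opt = fh + 20                                       # IMAGE_OPTIONAL_HEADER
    magic = struct.unpack_from("<H", data, opt)[0]
    if magic == 0x10B:                                  # PE32
        ndirs_off, dirs_off = opt + 92, opt + 96
    elif magic == 0x20B:                                # PE32+
        ndirs_off, dirs_off = opt + 108, opt + 112
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    ndirs = struct.unpack_from("<I", data, ndirs_off)[0]
    sec_off = sec_size = 0
    if ndirs > IMAGE_DIRECTORY_ENTRY_SECURITY:
        # For the security directory the first field is a file offset, not an RVA.
        sec_off, sec_size = struct.unpack_from(
            "<II", data, dirs_off + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    table = opt + opt_size                              # section headers, 40 bytes each
    for i in range(nsections):
        name, vsize, _, rawsize, _, _, _, _, _, schars = struct.unpack_from(
            "<8sIIIIIIHHI", data, table + 40 * i)
        sections.append({
            "name": name.rstrip(b"\0").decode("ascii", "replace"),
            "raw_size": rawsize,
            "virtual_size": vsize,
            "flags": flag_names(schars, SECTION_CHARACTERISTICS),
        })
    return {
        "machine": machine,
        "characteristics": flag_names(chars, FILE_CHARACTERISTICS),
        "authenticode_present": sec_size != 0,        # presence only, not validity
        "sections": sections,
    }


def findings(summary):
    """Triage notes in the spirit of the sandbox 'Unsigned PE' signature."""
    notes = []
    if not summary["authenticode_present"]:
        notes.append("Unsigned PE: no Authenticode (security) directory")
    for s in summary["sections"]:
        if {"IMAGE_SCN_MEM_WRITE", "IMAGE_SCN_MEM_EXECUTE"} <= set(s["flags"]):
            notes.append(f"section {s['name']} is writable and executable")
    return notes


def build_minimal_pe(characteristics, sections, security_size=0):
    """Construct a synthetic header-only PE32 image for testing (not a real binary)."""
    e_lfanew = 0x40
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", e_lfanew)
    opt_size = 96 + 16 * 8                              # PE32 header with 16 directories
    file_hdr = struct.pack("<HHIIIHH", 0x14C, len(sections), 0, 0, 0, opt_size, characteristics)
    opt = struct.pack("<H", 0x10B) + b"\0" * 90 + struct.pack("<I", 16)
    dirs = [(0, 0)] * 16
    dirs[IMAGE_DIRECTORY_ENTRY_SECURITY] = (0x1000 if security_size else 0, security_size)
    opt += b"".join(struct.pack("<II", off, size) for off, size in dirs)
    headers = b"".join(
        struct.pack("<8sIIIIIIHHI", name.encode(), vsize, 0, rawsize, 0, 0, 0, 0, 0, flags)
        for name, rawsize, vsize, flags in sections)
    return dos + b"PE\0\0" + file_hdr + opt + headers


if __name__ == "__main__":
    # Mirrors the .text section reported above (constructed image, not the sample).
    img = build_minimal_pe(0x010F, [(".text", 944 * 1024, 942 * 1024, 0x60000020)])
    info = parse_pe(img)
    print(info["characteristics"], findings(info))
```

To run it against a real file, read the file into bytes and call parse_pe on it; a RELOCS_STRIPPED, non-DLL PE32 with no security directory, as reported here, yields exactly the "Unsigned PE" note.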