Static task: static1
Behavioral task: behavioral1
  Sample: 7990f6fefa188d_JC.exe
  Resource: win7-20230712-en
Behavioral task: behavioral2
  Sample: 7990f6fefa188d_JC.exe
  Resource: win10v2004-20230703-en
General
- Target: 7990f6fefa188d_JC.exe
- Size: 2.4MB
- MD5: 7990f6fefa188d9673dea961222a7dc1
- SHA1: e871afcd57ec0960fa87c5de1fab94a831311ceb
- SHA256: f19d2394583f6cace56543f7220620b0ea08b1043aafa614e2dff514a2a4b687
- SHA512: 95d94e047ac8a4c8134098828425d3a6e1297da6348d772764678bc16679f7cb9f4fb608bbc1a61465fb7ed4deac31c5bc277bc970d6211ee318bf8466556bf9
- SSDEEP: 49152:+mIfQf0D1MsToxyrIYLNiXicJFFRGNzj3:OQf0D11h7wRGpj3
Malware Config
Signatures
- Unsigned PE 1 IoCs
  Checks for missing Authenticode signature.
  resource 7990f6fefa188d_JC.exe
Files
- 7990f6fefa188d_JC.exe.exe windows x86
  bf3cf436ec29cbd6ed8d09a4f0c73023
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
winmm
timeGetTime
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
kernel32
FlushFileBuffers
SetEndOfFile
SetErrorMode
HeapAlloc
GetStartupInfoW
RaiseException
HeapReAlloc
VirtualAlloc
RtlUnwind
ExitProcess
HeapSize
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
SetStdHandle
GetConsoleOutputCP
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WritePrivateProfileStringW
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
TlsGetValue
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedIncrement
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
lstrcmpW
FreeResource
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
GetSystemDirectoryA
GetModuleHandleA
FindResourceA
GetWindowsDirectoryA
RemoveDirectoryA
GetComputerNameA
GetCurrentDirectoryA
GetModuleFileNameA
CreateDirectoryA
GetLocalTime
DeleteFileA
SetCurrentDirectoryA
GetTempPathA
GetCurrentProcessId
CreateEventA
GetOverlappedResult
ReadFile
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
LocalAlloc
CreateFileA
DeviceIoControl
LocalFree
GetSystemInfo
GetProcessAffinityMask
GetCurrentThread
GetCurrentProcess
SetFilePointer
GetVersionExA
LoadLibraryA
CreateMutexA
SetLastError
ReleaseMutex
lstrlenA
lstrcmpiA
CompareStringW
WriteConsoleA
GetVersion
InterlockedExchange
GetProcessHeap
HeapFree
GetVersionExW
GlobalMemoryStatus
GetTempPathW
WinExec
lstrlenW
lstrcatW
lstrcpyW
CreateFileW
FreeLibrary
WriteFile
GetLastError
LoadLibraryW
WriteConsoleW
CreateThread
GetProcAddress
ExitThread
Sleep
SetThreadPriority
GetStdHandle
GetModuleHandleW
GetModuleFileNameW
InterlockedDecrement
MultiByteToWideChar
WaitForSingleObject
CloseHandle
WideCharToMultiByte
GlobalSize
GlobalReAlloc
GlobalAlloc
GlobalFree
GetComputerNameW
GetCurrentDirectoryW
SizeofResource
LoadResource
FindResourceW
SetCurrentDirectoryW
LockResource
FreeEnvironmentStringsW
user32
UnregisterClassW
LoadCursorW
GetSysColorBrush
DestroyMenu
PostQuitMessage
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
GetWindowThreadProcessId
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetDlgItemInt
EndPaint
BeginPaint
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
UnregisterClassA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
SetForegroundWindow
GetMenu
PostMessageW
CreateWindowExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetFocus
GetParent
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
wsprintfA
AppendMenuW
CreatePopupMenu
ClientToScreen
PeekMessageW
ModifyMenuW
DestroyCursor
CreateCursor
SetWindowLongW
SetCursor
UpdateWindow
InvalidateRect
OffsetRect
GetSysColor
DrawIcon
GetSystemMetrics
IsIconic
SetTimer
LoadImageW
KillTimer
DestroyIcon
MessageBoxW
wsprintfW
GetWindowDC
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
ReleaseDC
GetClientRect
GetDC
SendMessageW
EnableWindow
GetWindowRect
LoadBitmapW
RegisterWindowMessageW
GetClassInfoExW
IsWindowVisible
DispatchMessageW
gdi32
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
CreateCompatibleBitmap
RealizePalette
SelectPalette
GetObjectW
GetStockObject
CreateCompatibleDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateSolidBrush
GetTextExtentPoint32W
CreateFontIndirectW
GetPixel
CreateBitmap
CreateFontW
CreatePalette
GetSystemPaletteEntries
GetDeviceCaps
BitBlt
GetDIBits
winspool.drv
OpenPrinterW
ClosePrinter
DocumentPropertiesW
advapi32
RegSetValueExW
RegCreateKeyExW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyW
ImpersonateSelf
OpenThreadToken
AllocateAndInitializeSid
FreeSid
InitializeSecurityDescriptor
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
IsValidSecurityDescriptor
AccessCheck
RevertToSelf
RegOpenKeyExA
RegQueryValueExA
OpenSCManagerA
ControlService
StartServiceA
OpenServiceA
DeleteService
CreateServiceA
CloseServiceHandle
OpenProcessToken
RegCloseKey
RegQueryValueW
RegOpenKeyExW
shell32
ShellExecuteW
shlwapi
PathFindFileNameW
PathFindExtensionW
ole32
CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeSecurity
oleaut32
SafeArrayGetElemsize
SysAllocString
SysAllocStringByteLen
SysStringByteLen
SysFreeString
VariantChangeType
VariantClear
VariantInit
SysStringLen
SafeArrayGetElement
SafeArrayGetVartype
Sections
.text Size: 896KB - Virtual size: 895KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 208KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 92KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE