89231f2d4d9c3c_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

89231f2d4d9c3c_JC.exe
Size

1.1MB
MD5

89231f2d4d9c3c69f19bd5654940d518
SHA1

9a37a799b80f1b1534b65f040985008dabed5319
SHA256

bed0fbb0141cdfc6bf165eae7038e5c8db734ee657911905006f3cc43b49c831
SHA512

f2c0fcb7950ea4c9ab5057a88b374a4062f41186602322a3be270ef49cad856a88ddea545964831f9e7bda456f8e075494899bad91380e8d9c714a363651abf7
SSDEEP

12288:UN9iYb2TnwVc39QwnW9aT/jr/jjSvLXJ3H/7qovfOoOIcKnojG9nus44:U6nrZWQTbmF3zqouoOIcXGZu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89231f2d4d9c3c_JC.exe

Files

89231f2d4d9c3c_JC.exe
.exe windows x86

42d96ef4d9eea71c7a51308720652c9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
CreateMutexA
GetCurrentProcess
CreateTimerQueue
lstrlenA
CreateEventA
CreateThread
TerminateThread
GetExitCodeThread
DeleteTimerQueue
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
FlushFileBuffers
CreateFileW
HeapSize
RaiseException
HeapReAlloc
HeapAlloc
GetStringTypeW
LCMapStringW
MultiByteToWideChar
GetModuleFileNameA
SetStdHandle
RtlUnwind
GetLocaleInfoW
LoadLibraryW
InterlockedExchange
SetConsoleCtrlHandler
FatalAppExitA
HeapFree
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LeaveCriticalSection
EnterCriticalSection
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
LoadLibraryA
GetProcAddress
FreeLibrary
SetEvent
OpenEventA
WaitForMultipleObjectsEx
ReadFileEx
CancelIo
WaitForSingleObject
CreateTimerQueueTimer
SetLastError
DeleteTimerQueueTimer
GetLastError
CloseHandle
ChangeTimerQueueTimer
GetModuleHandleA
Sleep
CreateFileA
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetCurrentThread
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
DeviceIoControl
WriteConsoleW
GetCommandLineA
HeapSetInformation
GetStartupInfoW
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
TerminateProcess
IsProcessorFeaturePresent
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
IsValidLocale

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegNotifyChangeKeyValue

user32

MsgWaitForMultipleObjects
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
SetWindowLongA
SetClassLongA
FindWindowA
EndPaint
PostQuitMessage
DestroyWindow
DefWindowProcA
DrawTextExA
IsWindow
GetWindowLongA
InvalidateRect
UpdateWindow
SetLayeredWindowAttributes
ShowWindow
PostMessageA
FillRect
GetDC
ReleaseDC
SetWindowPos
SetWindowRgn
GetSystemMetrics
LoadImageA
RegisterWindowMessageA
BeginPaint

gdi32

CreateSolidBrush
DeleteObject
CreateDCA
CreateCompatibleDC
GetObjectA
CreateRoundRectRgn
SelectObject
GetPixel
SetPixelV
DeleteDC
CreateRectRgn
CombineRgn
SetTextColor
SetBkMode
CreateFontIndirectA
CreateCompatibleBitmap
BitBlt

shell32

Shell_NotifyIconA

msimg32

GradientFill

shlwapi

ColorAdjustLuma
StrRChrA
StrStrA
ColorRGBToHLS
ColorHLSToRGB

imm32

ImmDisableIME

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 413KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 572KB - Virtual size: 576KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

42d96ef4d9eea71c7a51308720652c9b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

shell32

msimg32

shlwapi

imm32

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 6KB - Virtual size: 13KB

.rsrc Size: 413KB - Virtual size: 412KB

.reloc Size: 572KB - Virtual size: 576KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 6KB - Virtual size: 13KB

.rsrc
Size: 413KB - Virtual size: 412KB

.reloc
Size: 572KB - Virtual size: 576KB