Static task: static1
Behavioral task: behavioral1
Sample: 253a704acd7952677c70e0c2d787791b8359efe2c92a5e77acea028393a85613exe_JC.exe
Resource: win7-20230712-en
Behavioral task: behavioral2
Sample: 253a704acd7952677c70e0c2d787791b8359efe2c92a5e77acea028393a85613exe_JC.exe
Resource: win10v2004-20230703-en
General
Target: 253a704acd7952677c70e0c2d787791b8359efe2c92a5e77acea028393a85613exe_JC.exe
Size: 48KB
MD5: 07b40312047f204a2c1fbd94fba6f53b
SHA1: 59d7aaff5e8cba285ba18c67473cb578c64c3c7d
SHA256: 253a704acd7952677c70e0c2d787791b8359efe2c92a5e77acea028393a85613
SHA512: c1aa3ed7f1bd044b31c1b629b5bdc2b9049c8d126c5fbdbb5c9ea0ec0324ffde76419c22c72cda3d3b2bdc3afa1b9df9a65493338be159aabad99889afc42f4c
SSDEEP: 768:Xlz7Lhj/LSD7CENNfvSOdNjbyocZ01W3ybBId2l:9NzLqxSOdpbyjZYRl
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 253a704acd7952677c70e0c2d787791b8359efe2c92a5e77acea028393a85613exe_JC.exe
Files
253a704acd7952677c70e0c2d787791b8359efe2c92a5e77acea028393a85613exe_JC.exe.exe windows x86
b75189af1105cd1938c0c454656206e4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
WriteFile
DeleteFileA
CompareFileTime
GetFileSize
GetSystemTime
SetFilePointer
CreatePipe
SetHandleInformation
CreateProcessA
GetTickCount
PeekNamedPipe
WaitForSingleObject
ReadFile
CloseHandle
lstrlenA
GetCurrentProcessId
GetComputerNameA
CompareStringW
CompareStringA
GetLastError
SystemTimeToFileTime
Sleep
FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
SetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
GetFileType
GetTimeZoneInformation
GetLocalTime
HeapFree
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
advapi32
CryptEncrypt
CryptReleaseContext
GetUserNameA
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptAcquireContextA
CryptDecrypt
CryptDestroyKey
CryptDestroyHash
CryptGenRandom
shell32
SHGetFolderPathA
crypt32
CryptBinaryToStringA
CryptStringToBinaryA
iphlpapi
GetAdaptersInfo
wininet
InternetOpenA
InternetCloseHandle
HttpOpenRequestA
HttpAddRequestHeadersA
InternetConnectA
HttpQueryInfoA
InternetReadFile
InternetSetOptionA
HttpSendRequestA
imagehlp
MakeSureDirectoryPathExists
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE