00b6ade6a2ab611fc1f14269e91980fc7f550dd55e018ecf63a2f4c36ec9e03fexe_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

00b6ade6a2ab611fc1f14269e91980fc7f550dd55e018ecf63a2f4c36ec9e03fexe_JC.exe
Size

308KB
MD5

cae0f536e562615b8e4788a0d0ab3617
SHA1

dd97e1c6f3cb6d1405191a88236aa59e3beecd9c
SHA256

00b6ade6a2ab611fc1f14269e91980fc7f550dd55e018ecf63a2f4c36ec9e03f
SHA512

dad26c3be2e1b7e63c34117bbe8f07db5808d04134777bb87a2386146920dfa6694e9350422cd92b52cdcf71facc105c0b2144916329a5f53485c38d2998c513
SSDEEP

3072:8sWtVEOJa7TijcC27WjQZO7AWaCWuB1jLTg4xGwhCCvPCNLCPIL6ZkBjv6PTNs1o:4tzoijfKWVNLPTqw1v6NLv6Zcm+sB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00b6ade6a2ab611fc1f14269e91980fc7f550dd55e018ecf63a2f4c36ec9e03fexe_JC.exe

Files

00b6ade6a2ab611fc1f14269e91980fc7f550dd55e018ecf63a2f4c36ec9e03fexe_JC.exe
.dll windows x64

230c2064c7853810ac54060ba958b0e7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
CloseHandle
GetModuleHandleA
GetProcAddress
TryAcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetStdHandle
GetConsoleMode
GetLastError
WaitForSingleObject
WriteConsoleW
SetLastError
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetCurrentProcess
ReleaseMutex
GetEnvironmentVariableW
RtlLookupFunctionEntry
GetModuleHandleW
FormatMessageW
GetModuleFileNameW
GetCommandLineW
CreateFileW
GetFullPathNameW
GetEnvironmentStringsW
FreeEnvironmentStringsW
CompareStringOrdinal
GetSystemDirectoryW
GetWindowsDirectoryW
AcquireSRWLockExclusive
CreateProcessW
GetFileAttributesW
DuplicateHandle
CreateThread
GetCurrentProcessId
CreateNamedPipeW
SetThreadStackGuarantee
GetCurrentThread
ReadFileEx
SleepEx
WriteFileEx
ExitProcess
GetCurrentDirectoryW
RtlCaptureContext
AcquireSRWLockShared
ReleaseSRWLockShared
SetFilePointerEx
GetConsoleOutputCP
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
RtlUnwindEx
InterlockedFlushSList
EncodePointer
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlPcToFileHeader
TerminateProcess
GetModuleHandleExW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
MultiByteToWideChar
WideCharToMultiByte
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetFileType
GetStringTypeW
HeapSize
SetStdHandle
FlushFileBuffers
WriteFile

bcrypt

BCryptGenRandom
BCryptOpenAlgorithmProvider
BCryptCloseAlgorithmProvider

Exports

Exports

DllMain
PSGetPropertyDescription

Sections

.text
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

230c2064c7853810ac54060ba958b0e7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

bcrypt

Exports

Exports

Sections

.text Size: 217KB - Virtual size: 216KB

.rdata Size: 74KB - Virtual size: 74KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 10KB - Virtual size: 9KB

_RDATA Size: 512B - Virtual size: 348B

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 217KB - Virtual size: 216KB

.rdata
Size: 74KB - Virtual size: 74KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 10KB - Virtual size: 9KB

_RDATA
Size: 512B - Virtual size: 348B

.reloc
Size: 2KB - Virtual size: 2KB