jbit[.]exe | Triage

Sharing

General

Target

jbit.exe
Size

81.1MB
MD5

8eda3b52a16bb07d5a03441c10296502
SHA1

35ac1bafbedf456bf4cca1606673501a5200e623
SHA256

23abe80bf01902aca2c57c6494ef60780187a870d01d964790306a10b3fa23ad
SHA512

9f9e09c7b1645785d560f6cdd408714a544ef058197731626cf66d8708b43ef35b7116c7b5a15986fb7b11ff3513387db97e06dae42650ab0310ece0c943cac8
SSDEEP

1572864:bUSBvWtkRbCHf7RKxFOBS/DllaKg1h6xyPbm2oXMyOwGR2sedKdiizqZ4ujuw5b9:bRBvw4wDqFWS/DDumMP63XVXY2sedKdM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

jbit.exe

Files

jbit.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 81.0MB - Virtual size: 81.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ