04eda95779ded417ce8c151a83ce783f2369df3e660caf7ba3a09fb0310352f4_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

04eda95779ded417ce8c151a83ce783f2369df3e660caf7ba3a09fb0310352f4_JC.exe
Size

343KB
MD5

c4ddd8bb189f2874fd7a9369ece35c92
SHA1

e53e275bbe5b1347b81e98f55d5f5e4928e005a8
SHA256

04eda95779ded417ce8c151a83ce783f2369df3e660caf7ba3a09fb0310352f4
SHA512

05ecde33d466ed86c562f3a6ef0db774ef8881f91ef494a24eef4f6b6e96a90c650c2d8c32711ee9528a858350461f0adf3e823577a214e83b410024cffee856
SSDEEP

6144:OGk39+NYmFGGF2Cx9hZs8KBUsq4eetIVz7m4:nQyYmFfv9/BKBdrdKVW4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04eda95779ded417ce8c151a83ce783f2369df3e660caf7ba3a09fb0310352f4_JC.exe

Files

04eda95779ded417ce8c151a83ce783f2369df3e660caf7ba3a09fb0310352f4_JC.exe
.exe windows x86

8801a5787fb0afca6c87d6856306680b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_llseek
InterlockedIncrement
MoveFileExW
OpenJobObjectA
InterlockedDecrement
GetLogicalDriveStringsW
GetSystemWindowsDirectoryW
GetProfileStringW
SetConsoleScreenBufferSize
OpenSemaphoreA
GetTickCount
GenerateConsoleCtrlEvent
GetConsoleAliasExesW
WaitNamedPipeW
GetDateFormatA
EnumTimeFormatsW
GetUserDefaultLangID
GetCommandLineA
GlobalAlloc
SetFileShortNameW
LoadLibraryW
ReadConsoleInputA
_hread
GetCalendarInfoA
GetConsoleAliasExesLengthW
DeleteVolumeMountPointW
GetFileAttributesA
GetExitCodeProcess
GetTimeFormatW
SetConsoleMode
GetConsoleAliasW
GetWriteWatch
TerminateProcess
LocalHandle
lstrcatA
GetStartupInfoW
GetDriveTypeW
SetCurrentDirectoryA
GetStartupInfoA
OpenMutexW
GetHandleInformation
GetCurrentDirectoryW
SetLastError
ReadConsoleOutputCharacterA
GetProcAddress
PeekConsoleInputW
MoveFileW
OpenWaitableTimerA
LoadLibraryA
InterlockedExchangeAdd
GetFileType
BuildCommDCBAndTimeoutsW
GetNumberFormatW
GlobalGetAtomNameW
AddAtomA
CreateIoCompletionPort
GetModuleHandleA
CreateMutexA
FreeEnvironmentStringsW
FindNextFileW
CreateMailslotA
EnumDateFormatsW
QueryPerformanceFrequency
GetUserDefaultUILanguage
EndUpdateResourceA
GetWindowsDirectoryW
FindFirstVolumeW
GetVolumeNameForVolumeMountPointW
MoveFileWithProgressW
DebugBreak
EnumSystemLocalesW
DeleteFileA
SetInformationJobObject
GetPrivateProfileIntW
SetProcessAffinityMask
GetLastError
WideCharToMultiByte
MoveFileA
HeapFree
HeapAlloc
GetCommandLineW
HeapSetInformation
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentProcess
HeapCreate
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
SetFilePointer
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
MultiByteToWideChar
GetStringTypeW
Sleep
IsProcessorFeaturePresent
RtlUnwind
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
HeapReAlloc
HeapSize
ReadFile
WriteConsoleW
CloseHandle
CreateFileW
RaiseException

gdi32

GetTextFaceW
GetCharWidthA

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 167KB - Virtual size: 30.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8801a5787fb0afca6c87d6856306680b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 104KB - Virtual size: 103KB

.data Size: 167KB - Virtual size: 30.8MB

.rsrc Size: 71KB - Virtual size: 70KB

.text
Size: 104KB - Virtual size: 103KB

.data
Size: 167KB - Virtual size: 30.8MB

.rsrc
Size: 71KB - Virtual size: 70KB