JS-NJ-OA1135[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

JS-NJ-OA1135.zip
Size

8KB
MD5

fb2a92512a7c3548326eb6fd1b2d3005
SHA1

0504b6e124968a212538ae32885869deec8596a3
SHA256

4a58b26b556d79a21bc6f34850bb924bbf9d77731329faf78c0f6d282ca2bb1f
SHA512

60efd3fde877f2c1744195956da7485882dce1692d3491f9b8f0c84a85885bac96da5a825dfec4ed0dedac62ad63932ecf8dabfc87206c13e5d2fced03e42fa6
SSDEEP

192:quKUJrw/cG+ehXhJjj17bfyLGBb+Yxfca/U4fBV8uH522HZg:quUcG+ehXhJv1fyLGffLdBV8o2Mg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/JS-NJ-OA1135.exe

Files

JS-NJ-OA1135.zip
.zip
JS-NJ-OA1135.exe
.exe windows x86

200bd8706c36bf07f7ef1b236749fd70

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteW

kernel32

GetLastError
SetEvent
CreateEventExW
WaitForSingleObject
FindPackagesByPackageFamily
UnhandledExceptionFilter
CloseHandle
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
RaiseException
SetUnhandledExceptionFilter

msvcrt

__CxxFrameHandler3
?terminate@@YAXXZ
_controlfp
_except_handler4_common
exit
_callnewh
malloc
free
_wcmdln
_initterm
__setusermatherr
__p__commode
__set_app_type
__wgetmainargs
_purecall
_cexit
_XcptFilter
_exit
_amsg_exit
__p__fmode

advapi32

EventRegister
EventSetInformation
EventWriteTransfer

api-ms-win-core-winrt-l1-1-0

RoInitialize
RoActivateInstance

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsCreateStringReference
WindowsCreateString

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
SetRestrictedErrorInfo

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processthreads-l1-1-2

GetStartupInfoW

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

200bd8706c36bf07f7ef1b236749fd70

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

msvcrt

advapi32

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-error-l1-1-1

api-ms-win-core-synch-l1-2-0

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-libraryloader-l1-2-0

Sections

.text Size: 8KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 936B

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 1024B - Virtual size: 604B

.text
Size: 8KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 936B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 1024B - Virtual size: 604B