52b973c029f230ba1049d1438ff7a960exe_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

52b973c029f230ba1049d1438ff7a960exe_JC.exe
Size

440KB
MD5

52b973c029f230ba1049d1438ff7a960
SHA1

c7c8790cd93463fea65921abfb44a5ed81788ab5
SHA256

a8987722e326199edfa57b05912e962115d7e408ece800b53ed84a78d6a195a6
SHA512

7b3b7aff02e7e15c557c618abfd243bb3b6510914aa8b2ea1eef76186c2ef7045a3848cded0b4530c67c113824c5b066fbca18df0f8a09e3e76795947d458605
SSDEEP

6144:LQkAFTZe+DD2/wNvGaNgmQPzSI58KP0Pt8piGijRTGJd9jB:kTFTZFDGwtGigBFeKP0Pt+iGEMTd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
52b973c029f230ba1049d1438ff7a960exe_JC.exe

Files

52b973c029f230ba1049d1438ff7a960exe_JC.exe
.exe windows x86

61bfc8ce3e6e77a9f89e6662e5905239

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
GetLocaleInfoA
WriteConsoleA
HeapSize
IsValidCodePage
GetOEMCP
GetACP
SizeofResource
HeapReAlloc
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
CloseHandle
CreateToolhelp32Snapshot
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetLastError
HeapCreate
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
OpenProcess
GetProcessTimes
HeapAlloc
LoadResource
GetCPInfo
GetEnvironmentVariableW
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
GetStdHandle
WriteFile
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapFree
RtlUnwind
RaiseException
GetStartupInfoA
GetModuleHandleW
Sleep
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA

user32

LoadCursorA
DialogBoxParamA
EndDeferWindowPos
ModifyMenuA
UpdateWindow
BeginDeferWindowPos
LookupIconIdFromDirectory
SetTimer
GetWindowRect
InsertMenuItemA
GetMenuItemID
KillTimer
LoadIconA
GetClientRect
CreateMenu
SendMessageA
SetRectEmpty
GetDC
MessageBoxA
CreateWindowExA
DefWindowProcA
LoadAcceleratorsA
ShowWindow
SetMenu
CreatePopupMenu
FrameRect
AppendMenuA
GetMenuItemCount
DeferWindowPos

gdi32

SetTextColor
CreateHatchBrush
DeleteDC
SetBkColor
EnumObjects
CreateDCA
CreateBitmap
SetBkMode
DeleteObject
SelectObject
SelectClipRgn
Rectangle
GetStockObject
ExtEscape

shell32

SHBrowseForFolderA

ole32

OleDraw

psapi

QueryWorkingSet
InitializeProcessForWsWatch
EnumProcesses
GetWsChanges

avifil32

AVIFileInit
AVIFileOpenA

comctl32

ord6
ord17

opengl32

glLoadIdentity
glColor3f
glEnable
glLightfv
glVertex3f
glShadeModel
glBegin
glVertex2d
glEnd
glClear

Sections

.text
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61bfc8ce3e6e77a9f89e6662e5905239

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

psapi

avifil32

comctl32

opengl32

Sections

.text Size: 202KB - Virtual size: 202KB

.rdata Size: 134KB - Virtual size: 133KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 97KB - Virtual size: 96KB

.text
Size: 202KB - Virtual size: 202KB

.rdata
Size: 134KB - Virtual size: 133KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 97KB - Virtual size: 96KB