8f63ea31bfb5d8ab05d2a980189251b0_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f63ea31bfb5d8ab05d2a980189251b0_JC.exe
Size

204KB
MD5

8f63ea31bfb5d8ab05d2a980189251b0
SHA1

0d41f03eb76e106437f207f830701e66b783d1aa
SHA256

240ec7a1586a8b31f86dee1b58ee577ccaf6fd61cafb57f311b6f51a08cc9104
SHA512

baf46e86b7e28127afcac947de2a8205bdec538dd0800c829afe11b4aa7d3f1f9ae10d9289101c132099e2d4252f86c28fbbed1318cd16526519f0f82b54d68d
SSDEEP

3072:UBI5ArKGCnhgU1XA+ArXjeaMoh6lgUaVwQ+/76bSSN+PS7VyoCeJ6ikkCxmE7O0S:UK5ArKjbAxXSaegUqGeGpBohM1mE7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f63ea31bfb5d8ab05d2a980189251b0_JC.exe

Files

8f63ea31bfb5d8ab05d2a980189251b0_JC.exe
.exe windows x86

b85f7741a49f0e564ff0742d092b0400

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
CreateFileW
GetFileSize
ReadFile
CloseHandle
VirtualAlloc
GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualFree
GetProcessHeap
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree

Sections

.text
Size: 179KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ