12531997fe9384436ff2c8c469677060_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

12531997fe9384436ff2c8c469677060_JC.exe
Size

354KB
MD5

12531997fe9384436ff2c8c469677060
SHA1

8c2d08b5f02e75e8c57f8a981b7e6944b0cc6b65
SHA256

a627499d843febf094acbef12746b89c94a92dd03612c262005f3a9dea0225d2
SHA512

c76740417ac07325b135f28a0f906dc060bd3766105835ebb7c16b910e8489c104a3b1c690649a2fb21e1efba7de3353d4cb2a0f5e875b1b1f9d79890a8279da
SSDEEP

6144:5U5npygCyAblhbUtPR4N8m7eV+wGGXmr9I3kK:5U5nBqfadqeVTGEaIUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12531997fe9384436ff2c8c469677060_JC.exe

Files

12531997fe9384436ff2c8c469677060_JC.exe
.exe windows x86

744598c5d3266582aebdfea740a21972

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExW
DeleteFileW
MoveFileW
WideCharToMultiByte
CreateFileW
SetFilePointer
WriteFile
CreateEventW
GetCommandLineW
LocalFree
OpenMutexW
GetTempPathW
GetVersionExA
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedCompareExchange
LoadLibraryA
IsProcessorFeaturePresent
VirtualFree
VirtualAlloc
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
lstrlenW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetLocalTime
GetLastError
EnumSystemLocalesA
GetUserDefaultLCID
GetStringTypeW
GetStringTypeA
GetLocaleInfoW
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentProcessId
QueryPerformanceCounter
HeapCreate
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
GetModuleHandleA
RtlUnwind
CreateThread
ExitThread
GetSystemTimeAsFileTime
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetConsoleCP
OutputDebugStringA
LoadLibraryW
GetModuleFileNameW
SetLastError
GetCurrentThreadId
FlushInstructionCache
GetCurrentProcess
Sleep
GetModuleHandleW
GetProcAddress
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RaiseException
WaitForSingleObject
UnhandledExceptionFilter
VirtualFreeEx
ReadProcessMemory
CloseHandle
VirtualAllocEx
OpenProcess
GetVersionExW
InterlockedIncrement
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
InterlockedDecrement
GetTickCount
MulDiv
IsValidLocale
MultiByteToWideChar

user32

UnregisterClassA
GetPropW
GetDesktopWindow
SetPropW
DispatchMessageW
TranslateMessage
GetMessageW
BringWindowToTop
SetForegroundWindow
GetWindow
RedrawWindow
WindowFromPoint
PostQuitMessage
SetWindowTextW
CreateDialogParamW
GetClientRect
GetDlgItem
CopyRect
OffsetRect
DrawTextW
SystemParametersInfoW
GetWindowThreadProcessId
GetClassNameW
EnumChildWindows
FindWindowW
LoadImageW
LoadIconW
DestroyIcon
SetWindowRgn
SendMessageW
GetWindowRgn
DrawIconEx
GetMonitorInfoW
MonitorFromPoint
UpdateLayeredWindow
GetParent
TrackMouseEvent
GetDlgCtrlID
GetSystemMetrics
EndPaint
BeginPaint
MoveWindow
PostMessageW
DefWindowProcW
IsWindowVisible
SetWindowPos
GetWindowLongW
SetWindowLongW
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
GetClassInfoExW
GetKeyState
UnregisterClassW
DestroyWindow
ScreenToClient
LoadCursorW
SetCursor
ReleaseCapture
GetCapture
KillTimer
GetWindowRect
GetCursorPos
SetTimer
InvalidateRect
IsWindow
PtInRect
SetRect
LoadBitmapW
ReleaseDC
GetDC
MapWindowPoints

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

shell32

SHGetSpecialFolderPathW
Shell_NotifyIconW
CommandLineToArgvW
SHCreateDirectoryExW

shlwapi

PathFileExistsW

gdi32

GetDeviceCaps
BitBlt
DeleteObject
SetBkMode
SetTextColor
Rectangle
DeleteDC
ExtCreateRegion
CombineRgn
CreateSolidBrush
CreateDIBSection
CreateCompatibleDC
GetObjectW
CreateFontIndirectW
PatBlt
SetBkColor
CreateRectRgn
PtInRegion
CreateFontW
SelectObject

ws2_32

htons
htonl

imm32

ImmDisableIME

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

744598c5d3266582aebdfea740a21972

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

shlwapi

gdi32

ws2_32

imm32

Sections

.text Size: 156KB - Virtual size: 153KB

.rdata Size: 32KB - Virtual size: 30KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 148KB - Virtual size: 148KB

.text
Size: 156KB - Virtual size: 153KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 148KB - Virtual size: 148KB