68dbc20b53a77f3c59cf10c6d47398f0_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

68dbc20b53a77f3c59cf10c6d47398f0_JC.exe
Size

365KB
MD5

68dbc20b53a77f3c59cf10c6d47398f0
SHA1

79257e2cb1cbf37270e57bc9babb5116366891f2
SHA256

c9c3a6567e8fbc8c1696c85d7b3b7bf051ca1fff24c214b8e8bffdece927c93e
SHA512

87a16213ece61f7209f1c2b603f6f087c561f00a6f5a668da17a04d1771f87bfd45028a277174c57c7dd1866ed67bfd3601ea804d58924608c6b6df0269b086e
SSDEEP

3072:J+kktHrkoL5A9qqkiz1T+t6Tz/i+k0MmDuk7vJZ18YJ1qowCde1mYKaphB:qLkoL5A9XkG1TC+Pqk7vJcx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68dbc20b53a77f3c59cf10c6d47398f0_JC.exe

Files

68dbc20b53a77f3c59cf10c6d47398f0_JC.exe
.exe windows:5 windows x86

6cea58b3de67c1821ec4c3cb5a8d3837

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc120

ord12057
ord5797
ord3801
ord366
ord1067
ord6729
ord990
ord6226
ord14441
ord6227
ord14442
ord6225
ord14440
ord7848
ord12345
ord14240
ord11802
ord11803
ord1985
ord11847
ord7789
ord12759
ord4039
ord4100
ord9234
ord14366
ord7770
ord14368
ord12355
ord12356
ord2442
ord10211
ord5241
ord8167
ord4537
ord12677
ord12740
ord10264
ord12065
ord8229
ord1463
ord7507
ord8311
ord7771
ord7306
ord8028
ord1521
ord2944
ord4764
ord8308
ord503
ord1139
ord5467
ord4662
ord4682
ord2199
ord6443
ord7971
ord3831
ord6366
ord887
ord1384
ord4826
ord3645
ord3746
ord3646
ord5306
ord13914
ord14009
ord4425
ord13335
ord13267
ord8595
ord3782
ord10867
ord6367
ord3098
ord4167
ord8964
ord2168
ord2256
ord6103
ord501
ord1138
ord4042
ord5466
ord3247
ord997
ord8062
ord1467
ord1502
ord7348
ord11949
ord6096
ord13537
ord2716
ord9048
ord11990
ord1106
ord8878
ord10844
ord11218
ord10302
ord4041
ord458
ord3353
ord3354
ord3117
ord6408
ord3256
ord3253
ord10088
ord8055
ord10118
ord10120
ord10119
ord10117
ord10121
ord5536
ord11546
ord11547
ord8977
ord11907
ord3787
ord11756
ord14361
ord8803
ord6844
ord10831
ord9094
ord3217
ord13658
ord12077
ord12075
ord1706
ord1718
ord1726
ord1722
ord1731
ord4863
ord4904
ord4871
ord4883
ord4879
ord4875
ord4912
ord4900
ord4867
ord4916
ord4889
ord14367
ord14281
ord6745
ord11538
ord13488
ord5814
ord2638
ord11942
ord3890
ord3321
ord3322
ord3216
ord11986
ord5136
ord5433
ord5643
ord9186
ord5409
ord5139
ord5295
ord5119
ord7574
ord7575
ord7565
ord5293
ord8064
ord3765
ord12069
ord12037
ord1061
ord5646
ord10083
ord1656
ord6007
ord6098
ord13541
ord7297
ord2717
ord1524
ord1041
ord9047
ord12038
ord4851
ord4858
ord4893
ord4450
ord5672
ord9528
ord4442
ord3008
ord2478
ord14369
ord316
ord2158
ord1504
ord2365

msvcr120

_setmbcp
_getcwd
_read
_putenv
_fileno
_unlink
_controlfp_s
_invoke_watson
__crtSetUnhandledExceptionFilter
_except_handler4_common
?terminate@@YAXXZ
_commode
_fmode
_acmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_ismbblead
_cexit
_exit
__set_app_type
__getmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
??1type_info@@UAE@XZ
memset
_telli64
_lseeki64
_access
_time64
_localtime64
_ltoa
_atoi64
getenv
atol
atoi
exit
sprintf
printf
_fseeki64
fseek
fprintf
fgets
fflush
feof
fclose
_fsopen
__iob_func
strncpy
strncmp
strncat
tolower
toupper
isdigit
islower
isupper
isalpha
free
__CxxFrameHandler3
_chdir

kernel32

OutputDebugStringW
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
WinExec
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetLastError
DecodePointer

user32

FillRect
MessageBoxA
GetClientRect
DrawIcon
AppendMenuA
GetSystemMenu
GetSystemMetrics
IsIconic
SendMessageA
EnableWindow
LoadIconW

gdi32

CreateSolidBrush

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 414KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6cea58b3de67c1821ec4c3cb5a8d3837

Headers

DLL Characteristics

File Characteristics

Imports

mfc120

msvcr120

kernel32

user32

gdi32

Sections

.text Size: 72KB - Virtual size: 72KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 1024B - Virtual size: 414KB

.rsrc Size: 277KB - Virtual size: 277KB

.text
Size: 72KB - Virtual size: 72KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 1024B - Virtual size: 414KB

.rsrc
Size: 277KB - Virtual size: 277KB