45c44eca9f3d83577c76d413259b844549012defe8d31bd0f34924f0d991625c_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

45c44eca9f3d83577c76d413259b844549012defe8d31bd0f34924f0d991625c_JC.exe
Size

912KB
MD5

c5b3f7c9084de3319e54e5557ce6099d
SHA1

3a87e31136d04125d27a49b2ae3fa7842db0f6d1
SHA256

45c44eca9f3d83577c76d413259b844549012defe8d31bd0f34924f0d991625c
SHA512

d88397193a9b63e580230801bbff417e2324811afcfdeabfcbe4599a8e7b9db9ec2817d320f2a71514138bd3142eab93edf35de17043d816fe66508759fa8117
SSDEEP

24576:mnqR6WsL/nUEbZjBCW4V9CNLPWJycq9BPFh14DsO9YAZUA:Z6DDUEHI9++63n14Dh9x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45c44eca9f3d83577c76d413259b844549012defe8d31bd0f34924f0d991625c_JC.exe

Files

45c44eca9f3d83577c76d413259b844549012defe8d31bd0f34924f0d991625c_JC.exe
.exe windows:4 windows x86

62016c965c083431836eb161c9bf6f4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CreateDirectoryA
FindClose
CreateThread
FindFirstFileA
CopyFileA
SetFileTime
ReadFile
LocalAlloc
GetFileSize
LocalFree
WriteFile
SetFilePointer
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
DeleteFileA
GetTempPathA
GetTickCount
GetExitCodeThread
SetEndOfFile
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LoadLibraryA
GetFileType
GetACP
GetCPInfo
IsBadWritePtr
HeapReAlloc
VirtualAlloc
GetLastError
VirtualFree
SetEvent
WaitForSingleObject
GetOEMCP
CloseHandle
TerminateProcess
GetCurrentProcess
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
HeapCreate
HeapDestroy
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
UnhandledExceptionFilter
GetModuleFileNameA
HeapAlloc
HeapFree
GetProcAddress
WideCharToMultiByte
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

user32

SetWindowTextA
LoadIconA
PostMessageA
SendDlgItemMessageA
SetDlgItemTextA
GetDlgItem
UpdateWindow
MessageBoxA
CreateDialogParamA
SendMessageA
PostQuitMessage
DestroyIcon
IsDialogMessageA
TranslateMessage
ShowWindow
GetMessageA
DispatchMessageA

shell32

SHGetMalloc
SHGetPathFromIDListA
ShellExecuteA
SHGetSpecialFolderLocation

comctl32

InitCommonControlsEx

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 840KB - Virtual size: 840KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62016c965c083431836eb161c9bf6f4e

Headers

File Characteristics

Imports

kernel32

user32

shell32

comctl32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 17KB

.rsrc Size: 840KB - Virtual size: 840KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 17KB

.rsrc
Size: 840KB - Virtual size: 840KB