2ba20d331654f88ef70c2ef21177144a_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ba20d331654f88ef70c2ef21177144a_JC.exe
Size

290KB
MD5

2ba20d331654f88ef70c2ef21177144a
SHA1

a858c4b69510308345e9ab1a9ba2249bb575b396
SHA256

51ad5e982a454280607f74a02021701f8c77acf9d353913d0ab2a166d707497e
SHA512

ceb2d89e14e050c57ec02f12795b772299d7e8cd7037e4f1e6ad3670c3715333ee19f896f853323810b57aa1a658269f3f45c4e2aa3c4d02f5ae8fec1e222d14
SSDEEP

6144:zCKw0+tZvozAx9/dpwwyQHhjqZDq8NjPCjEGpAJiJ/L4Is:2JH0Ze8NzIWez4Is

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba20d331654f88ef70c2ef21177144a_JC.exe

Files

2ba20d331654f88ef70c2ef21177144a_JC.exe
.exe windows:5 windows x86

0f8f365fd263ee2eb3ef080790a84df4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteW

ws2_32

WSAStartup

iphlpapi

GetAdaptersInfo

Sections

KOHGGFTR
Size: - Virtual size: 400KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KOHGGFTR
Size: 288KB - Virtual size: 292KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE