Static task
static1
Behavioral task
behavioral1
Sample
790b64a5860a5069fedcb660efdffce2b5ab2195086100a6079697b662f0c198_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
790b64a5860a5069fedcb660efdffce2b5ab2195086100a6079697b662f0c198_JC.exe
Resource
win10v2004-20230915-en
General
-
Target
790b64a5860a5069fedcb660efdffce2b5ab2195086100a6079697b662f0c198_JC.exe
-
Size
570KB
-
MD5
9bb98f2989a73a1e3d8d490669462422
-
SHA1
480b65fe568acd420dacd4b935529f2505e94151
-
SHA256
790b64a5860a5069fedcb660efdffce2b5ab2195086100a6079697b662f0c198
-
SHA512
f84fe96c065c214d3ae623d81da9e0aacc0fdfb3751baa02505b4348d89e6c4a6d29703e579aef5f48ddbb1956c154e228b2337657b135b0a973cc9907e1651e
-
SSDEEP
12288:MTQp8eHRevUGXTYJ0M8SbYrAwhLtaczsQc0TwmqyAAJtT:cc82RGFj80pwY5aczXTNqyz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 790b64a5860a5069fedcb660efdffce2b5ab2195086100a6079697b662f0c198_JC.exe
Files
-
790b64a5860a5069fedcb660efdffce2b5ab2195086100a6079697b662f0c198_JC.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 568KB - Virtual size: 567KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ