5abb7f303993ec6e3165dbcabd1a1f668ffd0d90bfbf2259f78e596006f7ba29_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5abb7f303993ec6e3165dbcabd1a1f668ffd0d90bfbf2259f78e596006f7ba29_JC.exe
Size

520KB
MD5

7c32e339454b4004b24f03dea493b99b
SHA1

7248167f9a6e2f65cd3fd17a06f81ae92c1255e0
SHA256

5abb7f303993ec6e3165dbcabd1a1f668ffd0d90bfbf2259f78e596006f7ba29
SHA512

884bdcc69ed54ff98fd19bfd429aec95954c7f22e8ed9f9972d0b72dd9e65d3fcc93da4917df42db29d875469b21be54f34949d5727b2779e7be7d1ab1ee09bf
SSDEEP

12288:2pazYUnBT5Fuwy/6ONsZisS/CXPbnkjXj5Lg6vUwryWeU:28zYqhuwY6ONBsSwDkjXjts+Db

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5abb7f303993ec6e3165dbcabd1a1f668ffd0d90bfbf2259f78e596006f7ba29_JC.exe

Files

5abb7f303993ec6e3165dbcabd1a1f668ffd0d90bfbf2259f78e596006f7ba29_JC.exe
.exe windows:5 windows x86

5a7186700e800593eaa3c00276a7d99c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCanonicalizeA

advapi32

OpenThreadToken

kernel32

LoadLibraryW
SetStdHandle
AllocConsole
SetTimeZoneInformation
Beep
DeleteCriticalSection
GetOEMCP
IsProcessorFeaturePresent
LeaveCriticalSection
MoveFileW
WaitForSingleObject
GetModuleHandleW
TerminateProcess
CreateEventA
GetSystemTimeAsFileTime

oleaut32

GetRecordInfoFromGuids
GetErrorInfo

ole32

CoGetCallerTID

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA

msvcrt

memset

user32

GetUpdateRgn
CreateWindowExA
DispatchMessageA
RegisterClassA
SetMenu
DefWindowProcA
GetMessageA
AppendMenuA

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ