40d0894034b1658e7c8048d7121e253f_JC[.]exe | Triage

Sharing

General

Target

40d0894034b1658e7c8048d7121e253f_JC.exe
Size

221KB
MD5

40d0894034b1658e7c8048d7121e253f
SHA1

8405a247c812697f33cbbead0526a67185d17765
SHA256

7f791a7a5d8711cf859050bb42573d84817bc2ed3c271e0ef7529572b11766eb
SHA512

c2c014229ba2f1869f50e27180269d027654337b3ec4b91cbe6f9bbc61852e9950c2b232f61c772b64b84f5c9cc8788d8c76c0e7135b49e9e26497bffabb2ca9
SSDEEP

3072:wMZSE872f0+hkJBeY7YwnUZ8+dC7OKOR7Yn2uYCsnOHPuB6s11mGZGW+:vZSE8UGJwiYwUfWeR7oHYnOW111mFW+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40d0894034b1658e7c8048d7121e253f_JC.exe

Files

40d0894034b1658e7c8048d7121e253f_JC.exe
.exe windows:4 windows x86

4517235d6f012421e28370dfa4e6f8c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ole32

CoInitialize

rpcrt4

RpcMgmtEpUnregister

Sections

.MPRESS1
Size: 165KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE