1b1a6b29795655434c3ef05b7e9ae17a_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b1a6b29795655434c3ef05b7e9ae17a_JC.exe
Size

343KB
MD5

1b1a6b29795655434c3ef05b7e9ae17a
SHA1

fd4317c16d6a5074a05ad68f40e2c2460cdad292
SHA256

73fedef313617e8568f4ed8625d6bf3785b6b2738b6c56338db18f88daa27ba1
SHA512

9a092b6ea138c21bea3cf9e0bea091fd69b2aaf1604a902567b726ef9fb38f3c3c6bc506b636e9b6bc7818e17ceea61cf43604e52bcefdab368881299821d892
SSDEEP

6144:SaVKyyzwbnUkoiqwcAR92o29tZTEr6UTdO5CksxCDy9pPbzBHU2ytlu5:g7yUTihRQhE9ONs46pP3BHUbty

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b1a6b29795655434c3ef05b7e9ae17a_JC.exe

Files

1b1a6b29795655434c3ef05b7e9ae17a_JC.exe
.exe windows:5 windows x86

04436556038016bdc579850c86f036aa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersInfo

Sections

YHGSDW
Size: - Virtual size: 424KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

YHGSDW
Size: 340KB - Virtual size: 344KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE