bccc0e647c5e3e37b95018883ad0ef90_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

bccc0e647c5e3e37b95018883ad0ef90_JC.exe
Size

2.7MB
MD5

bccc0e647c5e3e37b95018883ad0ef90
SHA1

f295b5a9ec4ebf9751cbbd05d2fcb04feff3b2cd
SHA256

b6017d2955d3bd5e8390db4f99ef9143444345b28cc834826a4a7ae05c20d63a
SHA512

3b88c1d42ba10c1648401bf8ed7bd78eceb578ac4e315002b12a2b49507cbab5c5a02d38276b5f8129b4dff34b7892041fea124c3057361d5c69ad81f4832e19
SSDEEP

24576:vKZI07b7TDTHMwPLAkvdTWKGtMlrTYPpJejyAVW1x8MYE+xw0JbIFpnQb2uaLHr/:vtZnQbn8HrIaQ0Icq0I+xwztUg6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bccc0e647c5e3e37b95018883ad0ef90_JC.exe

Files

bccc0e647c5e3e37b95018883ad0ef90_JC.exe
.exe windows:5 windows x86

b4181630234c60b7578a2471412b33f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

pebwatch

PebWatchIsTargetDevice
PebWatchIsComPort

kernel32

GetFileSize
DuplicateHandle
GetCurrentProcess
GetVolumeInformationW
GetFullPathNameW
CreateFileW
SetErrorMode
GetFileSizeEx
GetFileTime
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCPInfo
GetConsoleCP
GetConsoleMode
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
ExitThread
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStdHandle
SetEndOfFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
SetEnvironmentVariableA
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetThreadLocale
lstrlenA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedIncrement
GlobalFlags
FindFirstFileW
FileTimeToLocalFileTime
FileTimeToSystemTime
FindNextFileW
FindClose
InterlockedDecrement
CreateEventW
SuspendThread
SetEvent
ResumeThread
SetThreadPriority
WritePrivateProfileStringW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryW
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetModuleHandleW
GetVersionExA
FormatMessageW
LocalFree
GetCurrentProcessId
GetModuleFileNameW
MulDiv
GetModuleHandleA
GetProcAddress
GetTickCount
CreateThread
ReleaseMutex
CreateMutexA
SetFileAttributesA
SetLastError
GetLastError
FormatMessageA
lstrlenW
GetFileAttributesW
DeleteFileW
CreateProcessW
WaitForSingleObject
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
Sleep
WinExec
GetCurrentDirectoryW
CloseHandle
GlobalLock
GlobalAlloc
LoadResource
LockResource
SizeofResource
FindResourceW
GlobalFree
GlobalUnlock
lstrcmpiW
MultiByteToWideChar
GetVersionExW
WideCharToMultiByte
GetModuleFileNameA

user32

UnregisterClassW
RegisterClipboardFormatW
LoadCursorW
GetSysColorBrush
DestroyMenu
SetCursor
GetMessageW
ValidateRect
SetRectEmpty
IsZoomed
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
CharUpperW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
GetKeyState
SetMenu
IsWindowVisible
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
DeferWindowPos
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
SetCapture
MessageBeep
GetWindowThreadProcessId
GetWindowLongW
GetNextDlgGroupItem
InvalidateRgn
SetRect
IsRectEmpty
CopyAcceleratorTableW
CharNextW
ReleaseCapture
GetPropW
EqualRect
EnableWindow
GetClientRect
GetParent
GetWindowRect
InvalidateRect
IsWindow
SendMessageW
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
FindWindowW
SetForegroundWindow
LoadImageW
LoadIconW
SetTimer
PostThreadMessageW
KillTimer
PostMessageW
UpdateWindow
IsIconic
GetSystemMetrics
DrawIcon
GetCursorPos
LoadMenuW
GetSubMenu
PeekMessageW
TranslateMessage
DispatchMessageW
CloseWindow
ScreenToClient
ClientToScreen
GetDC
GetLastActivePopup
IsWindowEnabled
MessageBoxW
GetSysColor
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
WindowFromPoint

gdi32

GetDeviceCaps
GetTextMetricsW
GetStockObject
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
CreateBitmap
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
BitBlt
CreateCompatibleBitmap
GetTextExtentPoint32W
CreateCompatibleDC
OffsetViewportOrgEx
SetViewportOrgEx
GetWindowExtEx
GetViewportExtEx
GetObjectW
DeleteObject
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetBkMode
SetBkColor
RestoreDC
SaveDC
CreateSolidBrush
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
SetViewportExtEx

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegSetValueExW
RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
Shell_NotifyIconW

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoTaskMemFree
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoRevokeClassObject
OleIsCurrentClipboard

oleaut32

SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
VariantCopy
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysAllocString
SysStringLen

gdiplus

GdiplusStartup
GdipDisposeImage
GdipCloneImage
GdipCreateBitmapFromStream
GdipCreateFromHDC
GdipDeleteGraphics
GdipDrawImageRectI
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipGetImageWidth
GdipGetImageHeight
GdipDrawImageRectRect
GdiplusShutdown

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces

ws2_32

inet_addr
select
WSAGetLastError
htons
shutdown
setsockopt
sendto
ntohl
recv
socket
__WSAFDIsSet
closesocket
gethostbyname
send
getsockopt
accept
recvfrom
WSAStartup
ioctlsocket
connect

Sections

.text
Size: 534KB - Virtual size: 533KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b4181630234c60b7578a2471412b33f2

Headers

DLL Characteristics

File Characteristics

Imports

pebwatch

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

gdiplus

setupapi

ws2_32

Sections

.text Size: 534KB - Virtual size: 533KB

.rdata Size: 101KB - Virtual size: 100KB

.data Size: 14KB - Virtual size: 30KB

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.reloc Size: 54KB - Virtual size: 53KB

.text
Size: 534KB - Virtual size: 533KB

.rdata
Size: 101KB - Virtual size: 100KB

.data
Size: 14KB - Virtual size: 30KB

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

.reloc
Size: 54KB - Virtual size: 53KB