Static task
static1
Behavioral task
behavioral1
Sample
20283e9b8b36e8251ab558fcb2df66cbe54dc36a7ded7a3dd33425eaab2a2222_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
20283e9b8b36e8251ab558fcb2df66cbe54dc36a7ded7a3dd33425eaab2a2222_JC.exe
Resource
win10v2004-20230915-en
General
-
Target
20283e9b8b36e8251ab558fcb2df66cbe54dc36a7ded7a3dd33425eaab2a2222_JC.exe
-
Size
3.9MB
-
MD5
b315238fea583211a25a8afff1794557
-
SHA1
343539eafc6a7c0cba7c4415d6a49afa62b96725
-
SHA256
20283e9b8b36e8251ab558fcb2df66cbe54dc36a7ded7a3dd33425eaab2a2222
-
SHA512
5a7e5902bcfbdc77fe026b19b2d7585f4dd34861df5a40c630a04b098bdbb1d878cbbbb547396aa80ed17bbb8ed3eee026e76c10269fec4bbee03576a3a16691
-
SSDEEP
98304:FYj+sSidhW9GIEskhnYrofn2d46QeWMGsQ1W0XJOE:VrmY8f2C9eB3KW0XJOE
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature: the sample is unsigned, so the file carries no publisher identity or signed integrity to verify.
resource 20283e9b8b36e8251ab558fcb2df66cbe54dc36a7ded7a3dd33425eaab2a2222_JC.exe
Files
-
20283e9b8b36e8251ab558fcb2df66cbe54dc36a7ded7a3dd33425eaab2a2222_JC.exe.exe windows:4 windows x86
32c5de998b5f069b26c94c8143b13c06 (unlabelled on the page; presumably the PE import hash — confirm against the report)
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
msvcrt
strncpy
iphlpapi
GetInterfaceInfo
psapi
GetMappedFileNameW
kernel32
GetModuleFileNameW
user32
GetWindow
advapi32
RegDeleteKeyA
shell32
SHGetFolderPathW
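Sections (per the flags listed below, both .text and the first .sedata section are writable and executable at the same time, and two sections share the name .sedata)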
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 741KB - Virtual size: 744KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ