Static task
static1
Behavioral task
behavioral1
Sample
4410a5e10e9552894991e694074c6d00_JC.exe
Resource
win7-20230831-en
General
-
Target
4410a5e10e9552894991e694074c6d00_JC.exe
-
Size
333KB
-
MD5
4410a5e10e9552894991e694074c6d00
-
SHA1
4331706357276fc33965494e1100792a0eeb796b
-
SHA256
a16a68812c916b28777daf96a82fcff7f33d5c5c94027be27ed4c12b0ccc83c7
-
SHA512
25ce99eb05c77ce3e669de6048ce3e7d7aef2a32f6f03e42a1188eb9980e0a68432ce8b77a34dbf3576795ac73127d7513f96d5666b72165c723d126980b9299
-
SSDEEP
6144:asgDYs7ivUxR3JyVVVhmb9ObGT4F53eRFM/O17x0M7unOuO5Lvxk3:asgESlJyrTI9O8aYR717x0M7/G
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for a missing Authenticode signature: the PE file is unsigned, so its publisher and integrity cannot be verified from a signature.
resource 4410a5e10e9552894991e694074c6d00_JC.exe
Files
-
4410a5e10e9552894991e694074c6d00_JC.exe.exe windows:5 windows x86
a47ce5d99cbb64369bb7347a4fefab1a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
user32
GetDC
advapi32
RegCloseKey
shell32
ShellExecuteA
ws2_32
gethostbyaddr
iphlpapi
GetAdaptersInfo
wtsapi32
WTSRegisterSessionNotification
oleacc
LresultFromObject
gdi32
SaveDC
winspool.drv
OpenPrinterW
oleaut32
VariantClear
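Sections (the .MPRESS1/.MPRESS2 names match those written by the MPRESS packer, and both sections are writable and executable; the import list above, with only one or two functions per DLL, is therefore likely the packer stub's table rather than the full set of APIs used by the unpacked program)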
.MPRESS1 Size: 280KB - Virtual size: 568KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE