017fd0d4362e62a3f75ea8068720ce72_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

017fd0d4362e62a3f75ea8068720ce72_JC.exe
Size

324KB
MD5

017fd0d4362e62a3f75ea8068720ce72
SHA1

e5888a3e4411d260ed04814a13bfae87d29d685d
SHA256

f6f7d7296bb5a0c4c1b51a2af02cdfa6aa8f7e306ddf3622c0444eb85f5150e9
SHA512

0c953e76f7ce7a91ae96f87fa2c0f939a82bedbc68308487e53965dfcd54266eeb5471ebb56b1d7354c64d7b8fa2fa761ce12bde10315c3f92cd5013e6508dff
SSDEEP

6144:Sey3DpWfqbb1dDiycwEnaKAX7dBVBh48HCmBI4WSz:1y3oYBdDiycPniX7dBhZBI4Wa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
017fd0d4362e62a3f75ea8068720ce72_JC.exe

Files

017fd0d4362e62a3f75ea8068720ce72_JC.exe
.exe windows:4 windows x86

d960b1f343d837470c072a4e558f2ea6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolder
CommandLineToArgvW

user32

RegisterClassExA
RegisterClassA
CreateWindowExA
IsDlgButtonChecked
CharPrevExA
GetSysColorBrush
ShowWindow
DestroyCursor
CallWindowProcW
MapVirtualKeyW
MessageBoxA

comctl32

DrawInsert
_TrackMouseEvent
CreateStatusWindowA
ImageList_AddMasked
ImageList_GetImageRect
ImageList_Replace
ImageList_Copy
InitCommonControlsEx
ImageList_SetFlags
ImageList_GetFlags

gdi32

SetBrushOrgEx
EnumFontFamiliesW
CreatePolygonRgn
GdiFlush
ResetDCA
PlgBlt
StretchBlt

advapi32

RegCloseKey
CryptGenRandom
CryptDecrypt
CryptSetHashParam

comdlg32

GetFileTitleW
FindTextW
FindTextA

kernel32

GetLocaleInfoA
LCMapStringA
SetStdHandle
HeapSize
CreateMutexA
FreeEnvironmentStringsA
InitializeCriticalSection
ReadFile
LoadLibraryA
GetModuleFileNameW
GetProcessHeap
GetLastError
HeapAlloc
FlushFileBuffers
CompareStringW
CompareStringA
InterlockedExchange
GetConsoleOutputCP
RtlUnwind
GetSystemTimeAsFileTime
MultiByteToWideChar
CreateFileA
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetVersionExA
TlsFree
SetEnvironmentVariableA
SetConsoleCtrlHandler
TlsSetValue
MapViewOfFileEx
QueryPerformanceCounter
DeleteCriticalSection
GetCurrentThread
HeapDestroy
TlsGetValue
UnhandledExceptionFilter
WriteConsoleW
GetStartupInfoA
GetCurrentProcess
GetEnvironmentStringsW
GetModuleFileNameA
ExitProcess
FreeEnvironmentStringsW
GetTimeZoneInformation
SetLocalTime
SetUnhandledExceptionFilter
GetStringTypeA
GetCommandLineW
GetACP
IsValidLocale
GetTickCount
GetTimeFormatA
EnumSystemLocalesA
GetCommandLineA
FindResourceW
GetLocaleInfoW
GetProcAddress
GetUserDefaultLCID
VirtualAlloc
SetFilePointer
VirtualFree
WriteFile
EnterCriticalSection
IsDebuggerPresent
HeapReAlloc
CloseHandle
GetFileType
FreeLibrary
GetEnvironmentStrings
GetCurrentProcessId
TerminateProcess
IsValidCodePage
SetFileAttributesA
GetCPInfo
TlsAlloc
WideCharToMultiByte
SetHandleCount
GetStringTypeW
GetProfileSectionA
WriteConsoleA
GetModuleHandleA
GetStartupInfoW
InterlockedDecrement
VirtualQuery
OpenMutexA
GetStdHandle
GetDateFormatA
GetOEMCP
GetEnvironmentVariableW
GetConsoleCP
HeapFree
LCMapStringW
Sleep
HeapCreate
GetConsoleMode
LeaveCriticalSection

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d960b1f343d837470c072a4e558f2ea6

Headers

File Characteristics

Imports

shell32

user32

comctl32

gdi32

advapi32

comdlg32

kernel32

Sections

.text Size: 198KB - Virtual size: 198KB

.rdata Size: 22KB - Virtual size: 38KB

.data Size: 91KB - Virtual size: 91KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 198KB - Virtual size: 198KB

.rdata
Size: 22KB - Virtual size: 38KB

.data
Size: 91KB - Virtual size: 91KB

.rsrc
Size: 10KB - Virtual size: 10KB