38c43f8c653a3a799e88c7125a1be94b_JC[.]exe | Triage

Sharing

General

Target

38c43f8c653a3a799e88c7125a1be94b_JC.exe
Size

315KB
MD5

38c43f8c653a3a799e88c7125a1be94b
SHA1

95cfcaa0a7c581bd82966639456318d2ba2ce70a
SHA256

08237fffe86e0d95af97fb97e8c35308d98227a77654be9bad24c9b3535e0cbc
SHA512

25958d3c88b426478b16f730d1c141b01f68fa639b38aee85109a7190a26ed19bb90fb9851489ab6dd9579fb3fe61c4a292edbef08f0887d673139ac0614ee91
SSDEEP

6144:TOAztL6W+JJMPkZ5tJb52Wd83erDPKmjxTz7HbYcPCVYhg+Kc:TOMFwMPkDH/QiPLxvzblu2FKc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38c43f8c653a3a799e88c7125a1be94b_JC.exe

Files

38c43f8c653a3a799e88c7125a1be94b_JC.exe
.exe windows:5 windows x86

f11f6549e50349d6f9e15c2e49acd8e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

htonl

iphlpapi

GetAdaptersInfo

Sections

OIYTGFRT
Size: - Virtual size: 384KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

OIYTGFRT
Size: 301KB - Virtual size: 304KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE