Static task: static1
Behavioral task: behavioral1
Sample: a3344cddb1b1be8a1890d28d56d14900exe_JC.exe
Resource: win7-20230831-en
Behavioral task: behavioral2
Sample: a3344cddb1b1be8a1890d28d56d14900exe_JC.exe
Resource: win10v2004-20230915-en
General
Target: a3344cddb1b1be8a1890d28d56d14900exe_JC.exe
Size: 62KB
MD5: a3344cddb1b1be8a1890d28d56d14900
SHA1: 8e969f1c3650ecc6c43e9dbc84c557d08482ce0b
SHA256: 4d52bb65b20e7609f816af1587d8c88b184bff1e6d866287da00f2ee3b3a16da
SHA512: dd54d946da38b38cc0e8549fff3cfab458123d57db4ef34d8a1f3cc9cd0aa15ec8f73ba58e77de7cb3e66001d3edf4f37613a11ea688a1789e187802baf2fd37
SSDEEP: 1536:DYbgj8mDJCSlDdw6HAFDMo1hOwhLmtPbSipXg3u:jj7CKi6HYD/hLeDRpQe
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a3344cddb1b1be8a1890d28d56d14900exe_JC.exe
Files
a3344cddb1b1be8a1890d28d56d14900exe_JC.exe.exe windows:4 windows x86
692267f3ea7110997de9e8d5fa3902a0
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReadProcessMemory
GetCPInfo
GetWindowsDirectoryW
GetShortPathNameA
GetTapePosition
InterlockedIncrement
GetThreadTimes
GetProcAddress
GetConsoleAliasW
Process32First
GetVolumePathNamesForVolumeNameA
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 47KB - Virtual size: 66KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE