52d5c7a2500fe307c171263759ee5900exe_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

52d5c7a2500fe307c171263759ee5900exe_JC.exe
Size

824KB
MD5

52d5c7a2500fe307c171263759ee5900
SHA1

738cb53e5d4e8a767196710ccbca980a8b6ec84a
SHA256

f536ce2e2e3e4c6a72cd06dff02d43b21ce4122141188ff63c608e945247fa66
SHA512

39959c5505f2fce77319a719106d2c846531342c450830bf24751246314dfb215933607f7bb9fe400823fe6812f765e226074b689760984db23a2bcbb9e3d698
SSDEEP

12288:TIjTKDLnq3vibf3ji+N1R32PuBF5tYmjJJkAz9eDuUlnYQmRnk8gucnq6:TIjTKDLq3viLjN1kPuBRhJvz9qYDa8fM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52d5c7a2500fe307c171263759ee5900exe_JC.exe

Files

52d5c7a2500fe307c171263759ee5900exe_JC.exe
.exe windows:4 windows x86

499f77e53a49757f8649c31143c67b3d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
EnterCriticalSection
GlobalDeleteAtom
GetLastError
GetCommandLineA
GlobalAddAtomA
GetFileAttributesA
GetFullPathNameA
GetModuleFileNameA
GetModuleHandleA
WriteProfileStringA
GetProfileStringA
GetTickCount
GetCurrentThreadId
FindClose
FindNextFileA
FindFirstFileA
GetWindowsDirectoryA
lstrcmpA
LoadLibraryA
FreeLibrary
GetCurrentProcess
GetProcAddress
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
QueryPerformanceFrequency
QueryPerformanceCounter
GetTempPathA
CreateFileA
OutputDebugStringA
WriteFile
OpenProcess
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetStartupInfoA
MultiByteToWideChar
DeleteFileA
CreateDirectoryA
CopyFileA
GetDiskFreeSpaceA
FlushFileBuffers
QueryDosDeviceA
GetDriveTypeA
lstrcatA
GetLogicalDrives
MoveFileA
Sleep
CompareFileTime
GetFileSize
GetFileTime
OpenFile
GetPrivateProfileStringA
GetPrivateProfileSectionA
WritePrivateProfileStringA
GetCurrentDirectoryA
GetSystemDefaultLangID
SetLastError
GetSystemInfo
LocalFree
FormatMessageA
GetEnvironmentVariableA
GetShortPathNameA
GetSystemDirectoryA
GetLocaleInfoA
GetUserDefaultLangID
CreateThread
ResumeThread
GetExitCodeThread
CreateMutexA
OpenMutexA
ReleaseMutex
CreateEventA
OpenEventA
ResetEvent
SetEvent
PulseEvent
LocalAlloc
InterlockedExchange
RaiseException
GetCurrentThread
lstrcmpiA
GlobalLock
SetThreadPriority
SuspendThread
lstrlenA
lstrcpynA
lstrcpyA
TlsAlloc
GlobalUnlock
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
MulDiv
GlobalFlags
InterlockedDecrement
GetPrivateProfileIntA
InterlockedIncrement
WideCharToMultiByte
GlobalFindAtomA
GlobalGetAtomNameA
LeaveCriticalSection
LockResource
LoadResource
FindResourceA
GetProcessVersion
DuplicateHandle
ReadFile
SetFilePointer
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationA
GetStringTypeExA
GetThreadLocale
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalUnlock
LocalLock
SetErrorMode
GetCPInfo
GetOEMCP
GetTempFileNameA
SizeofResource
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
ExitThread
HeapReAlloc
HeapSize
GetACP
SetStdHandle
GetFileType
FatalAppExitA
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
HeapDestroy
HeapCreate
VirtualFree
GetStringTypeA
GetStringTypeW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA

ole32

CoInitialize
CoCreateInstance

wininet

FtpRemoveDirectoryA
FtpCreateDirectoryA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetQueryOptionA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
InternetSetOptionExA
InternetSetStatusCallback
InternetSetCookieA
InternetGetCookieA
InternetSetFilePointer
InternetWriteFile
InternetReadFile
InternetQueryDataAvailable
InternetConnectA
FtpDeleteFileA
FtpRenameFileA
InternetGetLastResponseInfoA
HttpOpenRequestA
FtpSetCurrentDirectoryA
FtpGetCurrentDirectoryA
FtpOpenFileA
FtpPutFileA
FtpGetFileA
GopherCreateLocatorA
GopherGetAttributeA
GopherOpenFileA
HttpSendRequestExA
InternetErrorDlg
HttpAddRequestHeadersA
HttpSendRequestA
HttpEndRequestA
HttpQueryInfoA
FtpFindFirstFileA
InternetFindNextFileA
GopherFindFirstFileA

Sections

.text
Size: 516KB - Virtual size: 514KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

499f77e53a49757f8649c31143c67b3d

Headers

File Characteristics

Imports

kernel32

ole32

wininet

Sections

.text Size: 516KB - Virtual size: 514KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 60KB - Virtual size: 152KB

.idata Size: 8KB - Virtual size: 7KB

.didat Size: 12KB - Virtual size: 11KB

.rsrc Size: 44KB - Virtual size: 43KB

.reloc Size: 112KB - Virtual size: 112KB

.text
Size: 516KB - Virtual size: 514KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 60KB - Virtual size: 152KB

.idata
Size: 8KB - Virtual size: 7KB

.didat
Size: 12KB - Virtual size: 11KB

.rsrc
Size: 44KB - Virtual size: 43KB

.reloc
Size: 112KB - Virtual size: 112KB