9240668dc43382c64fec4dccb180e800exe_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

9240668dc43382c64fec4dccb180e800exe_JC.exe
Size

779KB
MD5

9240668dc43382c64fec4dccb180e800
SHA1

0ba3afd858a6adfda361c72327f1307fa3469785
SHA256

a7060d36c599001822afae090fb9d7b395807591e0edf36946c88211387a941a
SHA512

33245270a6974b4476e5b7980e0f0ed0850051a9731218f063b5b5f374d3482c3ac2e5b9581b7f53ca94626762021ace5122228c08cca7e23ddbb4eb28a9c78d
SSDEEP

6144:AX/794tcirUsz7+smmuofY6A+72P8E/NdI1ieyb:sOt7rB/AAKoQfI1e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9240668dc43382c64fec4dccb180e800exe_JC.exe

Files

9240668dc43382c64fec4dccb180e800exe_JC.exe
.exe windows:4 windows x86

c930c798d3ec384eb7545b5f3c358e2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_XcptFilter
malloc
free
_amsg_exit
_initterm
wcschr
_wcsicmp
memset

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
CloseHandle
GetCurrentProcess
DeviceIoControl
lstrcmpiW
InterlockedIncrement
GetVersionExW
HeapFree
GetProcessHeap
SetLastError
GetLastError
HeapAlloc
CompareStringW
DelayLoadFailureHook
GetProcAddress
FreeLibrary
InterlockedCompareExchange
LoadLibraryExA
InterlockedExchange
Sleep
QueryPerformanceCounter
GetTickCount
VirtualAllocEx
SetCurrentDirectoryA
GlobalAlloc

mprapi

MprAdminMIBServerConnect
MprConfigGetGuidName
MprConfigInterfaceEnum
MprConfigGetFriendlyName
MprAdminInterfaceConnect
MprAdminInterfaceDisconnect
MprAdminServerConnect
MprAdminIsServiceRunning
MprConfigServerConnect
MprAdminMIBServerDisconnect
MprAdminServerDisconnect
MprConfigServerDisconnect
MprConfigBufferFree
MprConfigInterfaceGetInfo
MprConfigInterfaceGetHandle
MprAdminInterfaceSetInfo
MprAdminInterfaceGetInfo
MprAdminInterfaceGetHandle
MprConfigInterfaceSetInfo
MprAdminBufferFree

ntdll

RtlNtStatusToDosError
RtlInitUnicodeString
RtlGUIDFromString
NtOpenFile

ole32

CoTaskMemFree
CoSetProxyBlanket
CoCreateInstance
CoInitialize
CoUninitialize

rpcrt4

UuidFromStringW

setupapi

SetupDiEnumDeviceInfo
SetupDiSetClassInstallParamsW
SetupDiOpenDevRegKey
CM_Get_DevNode_Status_Ex
SetupDiDestroyDeviceInfoList
SetupDiChangeState
SetupDiGetClassDevsW

iphlpapi

NhGetInterfaceNameFromGuid

user32

LoadStringA

imm32

ImmSendIMEMessageExW

gdi32

CreateSolidBrush

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 650KB - Virtual size: 650KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c930c798d3ec384eb7545b5f3c358e2a

Headers

File Characteristics

Imports

msvcrt

advapi32

kernel32

mprapi

ntdll

ole32

rpcrt4

setupapi

iphlpapi

user32

imm32

gdi32

Sections

.text Size: 66KB - Virtual size: 65KB

.rdata Size: 650KB - Virtual size: 650KB

.data Size: 48KB - Virtual size: 57KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 66KB - Virtual size: 65KB

.rdata
Size: 650KB - Virtual size: 650KB

.data
Size: 48KB - Virtual size: 57KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 6KB - Virtual size: 6KB