91ba0cafa021445bd9a5de50c58cc5d0exe_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

91ba0cafa021445bd9a5de50c58cc5d0exe_JC.exe
Size

610KB
MD5

91ba0cafa021445bd9a5de50c58cc5d0
SHA1

c7423a48dfa49efbac66af1a549fbc3ba00b08d1
SHA256

f15996508cd0134c2fecfc754ae5a7c4f97cbd49c482c5306b225683edf0a429
SHA512

f136d3987d754895dd93c255e086c481268e42a66075a4c10e114e6c332b52ac5a35e191c0be3aae27db79f8b06f4918691c244321e17f0b870349993e2d7400
SSDEEP

12288:/9CB58nPacZ3nzTo7Ly5b+/W/Gz4Nb1+Nu59vSFb4fbYl9E5eKggGUqNf:/9o4RzOGR04Nb1+NuPSFbMCqeAGU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91ba0cafa021445bd9a5de50c58cc5d0exe_JC.exe

Files

91ba0cafa021445bd9a5de50c58cc5d0exe_JC.exe
.exe windows:4 windows x86

140dd2a7e3aa24a5743449dfc00df5be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GetTempPathA
LeaveCriticalSection
GetCPInfo
SignalObjectAndWait
CreateMutexA
GetSystemDirectoryW
FindClose
Sleep
FileTimeToDosDateTime
GetDateFormatW
LocalAlloc
SetFilePointer
GetDiskFreeSpaceW
GetThreadPriority
ExitThread
GetPrivateProfileStringW
lstrcpyW
GetModuleHandleA
AddAtomA
GetProcAddress
GetACP
HeapCreate
HeapDestroy
LoadLibraryW
GetTickCount
HeapFree
QueryPerformanceCounter
LoadLibraryExW
GetModuleFileNameW
GetLastError
lstrcpynW
OutputDebugStringW
RtlUnwind
GetThreadContext
GetModuleFileNameA
ReadProcessMemory
EnterCriticalSection
FormatMessageW
SetErrorMode
CreateDirectoryA
GetFileAttributesW
SetFileAttributesA
GlobalHandle
GetFileType
EnumCalendarInfoW
CreateThread
MoveFileW
InterlockedCompareExchange
GlobalAlloc
QueryPerformanceFrequency
GetSystemInfo
FlushInstructionCache
DeleteFileA
ResetEvent
SetFileAttributesW
GetLogicalDriveStringsW
FileTimeToSystemTime
GetCurrentThread
SwitchToThread
GetCommandLineW
FindFirstFileA
InterlockedExchange
GetThreadLocale
GetComputerNameW
SetEvent
HeapAlloc
GetCurrentProcessId
GetLocaleInfoW
GetFileSize
WaitForSingleObject
GetLocaleInfoA
LocalFree
VirtualAlloc
GetCurrentThreadId
GetFileTime
DuplicateHandle
DeleteFileW
FindNextFileA
GetCurrentProcess
DeleteCriticalSection
GetFileAttributesA
InitializeCriticalSection
GlobalUnlock
GetComputerNameA
WritePrivateProfileStringW
OpenProcess
GlobalMemoryStatus
lstrcmpA
ResumeThread
MultiByteToWideChar
GetModuleHandleW
InterlockedIncrement
SuspendThread
CreateDirectoryW
TlsSetValue
FindNextFileW
ReleaseMutex
lstrcmpW
GetStdHandle
MulDiv
CreateMutexW
TlsGetValue
VirtualQuery
VirtualFree
GlobalFree
WideCharToMultiByte
GetDiskFreeSpaceA
GetExitCodeThread
CloseHandle
GetVersionExA
GetPriorityClass
GetVersion
FileTimeToLocalFileTime
Beep
FormatMessageA

user32

SetWindowLongW
SetWindowLongA
LoadKeyboardLayoutW
GetCursorPos
CheckMenuItem
InsertMenuW
CharLowerW
EnableWindow
MapVirtualKeyW
SetCapture
MsgWaitForMultipleObjects
MessageBoxW
EnableScrollBar
GetMenuItemCount
LoadCursorW
InflateRect
DrawIcon
OffsetRect
GetKeyboardType
GetKeyboardLayout
GetClassNameA
CharUpperBuffW
MessageBoxA
GetActiveWindow
WaitMessage
RedrawWindow
SetFocus
BeginPaint
ShowScrollBar
GetIconInfo
SetTimer
DestroyCursor
SystemParametersInfoW
GetMenuState
PostThreadMessageW
DrawTextA
PeekMessageA
GetMenuItemInfoW
TranslateMessage
RemoveMenu
DispatchMessageW
CallWindowProcW
DestroyMenu
EndPaint
GetSysColorBrush
RegisterClassW
GetMessageA
OpenClipboard
PostThreadMessageA
GetMenuItemID
GetMenuStringW
GetSysColor
MsgWaitForMultipleObjectsEx
GetScrollRange
GetScrollPos
SetWindowsHookExW
CreatePopupMenu
SetClipboardData
DefMDIChildProcW
LoadBitmapW
GetKeyboardState
ReleaseCapture
DrawIconEx
ActivateKeyboardLayout
KillTimer
UnregisterClassW
LoadStringW
DeleteMenu
RemovePropW
SetActiveWindow
RegisterClipboardFormatW
CreateMenu
GetDCEx
GetSubMenu
DefWindowProcA
CallNextHookEx
CloseClipboard
UpdateWindow
GetMessagePos
SendMessageTimeoutA
PostMessageA
DefWindowProcW
MapWindowPoints
SetPropW
PostMessageW
AttachThreadInput
UnhookWindowsHookEx
GetKeyboardLayoutList
DispatchMessageA
DrawEdge
GetDC
ScrollWindow
SetMenu
DefFrameProcW
GetMessageW
IsDialogMessageA
ScreenToClient
LoadIconW
RegisterWindowMessageW
SetCursor
FrameRect
CharLowerBuffW
TrackPopupMenu
ReleaseDC
PeekMessageW
GetFocus
GetClipboardData
DestroyIcon
IsDialogMessageW
SetClassLongW
ClientToScreen
TranslateMDISysAccel
SetMenuItemInfoW
LoadImageA
SetRect
MessageBeep
DrawFrameControl
InsertMenuItemW
GetMenu
GetSystemMenu
PostQuitMessage
CharNextW
GetCursor
DrawFocusRect
SendMessageA
GetPropW

gdi32

SaveDC
UnrealizeObject
GetDCOrgEx
GetBitmapBits
SelectClipRgn
SetBkColor
GetPixel
CheckColorsInGamut
GetDeviceCaps
CreateBrushIndirect
GdiFlush
PlayEnhMetaFile
GetCurrentObject
GetTextFaceA
GetSystemPaletteEntries
DeleteObject
CombineRgn
SetBrushOrgEx
GetTextExtentPoint32W
GetStockObject
GetRgnBox
CreateDCW
GetTextMetricsW
GetTextExtentPoint32A
TextOutA
RectVisible
GetBrushOrgEx
SetDIBColorTable
SelectPalette
MaskBlt
SetMapMode
SetStretchBltMode
BitBlt
StretchBlt
GetDIBits
ResizePalette
SetWinMetaFileBits
MoveToEx
IntersectClipRect
FrameRgn
SetViewportOrgEx
RealizePalette
GetPaletteEntries
PatBlt
GetClipBox
SetEnhMetaFileBits
CreateHalftonePalette
CreateBitmap
DeleteDC
DeleteEnhMetaFile
StartDocA
GetDIBColorTable
CreateFontIndirectW
LineTo
SetROP2
Rectangle
EndDoc
ExtTextOutW
GetNearestPaletteIndex
CreateCompatibleDC
CreateDIBitmap
CreateCompatibleBitmap
CreateDIBSection
GetCurrentPositionEx
GetWinMetaFileBits
CreateSolidBrush
SetTextColor
GetObjectType
CreateRectRgnIndirect
SelectObject
SetWindowOrgEx
EndPage
SetPixel
CreateFontW
StretchDIBits
GetObjectW
RestoreDC
ExcludeClipRect
CreateRoundRectRgn
CreatePenIndirect
CreateFontA
CreateRectRgn
CreatePen
StartPage
SetBkMode
CreatePalette

advapi32

RegCreateKeyExA
RegDeleteValueA
GetUserNameA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExW
RegSetValueExA
GetUserNameW
RegFlushKey
RegQueryValueExW
RegEnumKeyA
RegQueryInfoKeyW
AllocateAndInitializeSid
RegCreateKeyExW
RegOpenKeyExA
RegQueryValueExA
FreeSid

shell32

SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteA
SHGetMalloc
Shell_NotifyIconW
ShellExecuteExW

ole32

OleUninitialize
CoTaskMemAlloc
CoInitialize
CoCreateInstance
CoUninitialize
OleInitialize

oleaut32

SafeArrayPtrOfIndex
SafeArrayGetLBound
VariantClear
SysReAllocStringLen
SysAllocStringLen
VariantChangeType
GetErrorInfo
VariantInit
VariantCopy
SetErrorInfo
SysFreeString
CreateErrorInfo
SafeArrayGetUBound
SafeArrayCreate

comctl32

InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_GetScrollInfo
ImageList_DragMove
ImageList_SetIconSize
FlatSB_GetScrollPos
ImageList_BeginDrag
ImageList_GetDragImage
ImageList_GetImageCount
ImageList_Write
ImageList_Remove
ImageList_DrawEx
ImageList_Create
ImageList_DragEnter
ImageList_GetBkColor
_TrackMouseEvent
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_Add
ImageList_SetBkColor
FlatSB_SetScrollPos
ImageList_EndDrag
ImageList_Destroy
FlatSB_SetScrollInfo
ImageList_SetImageCount
ImageList_GetIconSize
ord17
ImageList_Draw
ImageList_Read
ImageList_Replace

winmm

PlaySoundA

msimg32

TransparentBlt
AlphaBlend

version

VerQueryValueW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoW

wsock32

htons
socket
recvfrom
ioctlsocket
bind
sendto
recv
setsockopt
send
select
gethostbyname
closesocket
connect
WSAStartup
WSACleanup

msvcrt

_controlfp
strlen
fputs
fprintf
__set_app_type
__CxxFrameHandler
isspace
free
calloc
atoi
_exit
isalnum
isalpha
exit
wcslen
memcpy
memcmp
memmove
__getmainargs
__p___initenv
_isatty
??1type_info@@UAE@XZ
_except_handler3
_XcptFilter
__setusermatherr
fclose
_fileno
malloc
wcsncmp
_adjust_fdiv
?terminate@@YAXXZ
_beginthreadex
__p__commode
_onexit
fflush
memset
__p__fmode
_CxxThrowException
_purecall
_initterm
fputc
__dllonexit
_iob
fgetc

Sections

.text
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g1wx
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 265KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

140dd2a7e3aa24a5743449dfc00df5be

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

winmm

msimg32

version

wsock32

msvcrt

Sections

.text Size: 178KB - Virtual size: 178KB

.g1wx Size: 23KB - Virtual size: 22KB

.rdata Size: 88KB - Virtual size: 88KB

.data Size: 265KB - Virtual size: 268KB

.CRT Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 39KB - Virtual size: 39KB

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 178KB - Virtual size: 178KB

.g1wx
Size: 23KB - Virtual size: 22KB

.rdata
Size: 88KB - Virtual size: 88KB

.data
Size: 265KB - Virtual size: 268KB

.CRT
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 39KB - Virtual size: 39KB

.reloc
Size: 14KB - Virtual size: 13KB