1081bf3c40aba19ced51d6a075e0b380_JC[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

1081bf3c40aba19ced51d6a075e0b380_JC.exe
Size

716KB
MD5

1081bf3c40aba19ced51d6a075e0b380
SHA1

a3f1abb1eb71475fc65efe08988e4b795df1ff69
SHA256

682c7c3df9a428f9776b35a8c44b93c67374378087336520a44aba53165ee6cc
SHA512

e12f2fa9684222c86dd345f13494dc3876262e5c6ad0cfa189e4dbfc8aa30def144a04d510d3b98cca482fd665c8281e57b80fc0c440f8957dd6a737da00e22d
SSDEEP

6144:FlYXwhXH+tLoh8skk1osMC9KAv9E1ycvVVEbC3Do:FHCoWskk1HM8v9Sv7n30

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1081bf3c40aba19ced51d6a075e0b380_JC.exe

Files

1081bf3c40aba19ced51d6a075e0b380_JC.exe
.exe windows:5 windows x86

d04c0492fb4db80e54e10961a250f533

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
InterlockedIncrement
VirtualQuery
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
lstrcmpiA
InterlockedCompareExchange
InterlockedExchange
FreeLibrary
LoadLibraryW
ExpandEnvironmentStringsW
GetFullPathNameW
GetDriveTypeW
SearchPathW
lstrlenW
OutputDebugStringW
GetCommandLineA
HeapReAlloc
HeapAlloc
HeapFree
RaiseException
ExitProcess
InterlockedDecrement
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
GetTickCount
GetCurrentThreadId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
OutputDebugStringA
RtlUnwind
WriteFile
GetACP
GetOEMCP
HeapSize
LoadLibraryExA
InitializeCriticalSection
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
CloseHandle
FlushFileBuffers
Sleep
GetProcAddress
GetLastError
SetLastError
GetModuleHandleA
GetVersionExW
GetVersionExA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemInfo
FindFirstChangeNotificationA

advapi32

GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
UnregisterTraceGuids
TraceEvent
RegQueryValueExW
RegCloseKey
RegOpenKeyExW
RegisterTraceGuidsW

crypt32

CryptFindCertificateKeyProvInfo

rtm

RtmGetAddressFamilyInfo

Sections

CODE
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 652KB - Virtual size: 651KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d04c0492fb4db80e54e10961a250f533

Headers

File Characteristics

Imports

kernel32

advapi32

crypt32

rtm

Sections

CODE Size: 34KB - Virtual size: 34KB

.data Size: 20KB - Virtual size: 43KB

.rdata Size: 652KB - Virtual size: 651KB

.reloc Size: 5KB - Virtual size: 5KB

CODE
Size: 34KB - Virtual size: 34KB

.data
Size: 20KB - Virtual size: 43KB

.rdata
Size: 652KB - Virtual size: 651KB

.reloc
Size: 5KB - Virtual size: 5KB