cf6704b59dc92519a6e62cc3e80bdfe0exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf6704b59dc92519a6e62cc3e80bdfe0exe_JC.exe
Size

67KB
MD5

cf6704b59dc92519a6e62cc3e80bdfe0
SHA1

3fd3a0714dfdf65f68ca6b93d28036f98023b9cd
SHA256

35c1b0fde64fe9ac0ab8146141b58c02174a98b201464bda8db057942c7cdb16
SHA512

38c354d485e8aaef5ee313210ff2358821aa71f9cd52643ef243570f847f15cc988d8eea8a4cf14dc776d6c6190f43e28c1a29b48eed1ce072eb95bb85558a95
SSDEEP

1536:3Ps1iJDkzI3TXik9dHVAYJSYw4fDuUsh646EwqO8K:301iJDkUSk9d1A+SYwgDu38tEhK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf6704b59dc92519a6e62cc3e80bdfe0exe_JC.exe

Files

cf6704b59dc92519a6e62cc3e80bdfe0exe_JC.exe
.exe windows:4 windows x86

ba7cda14182f3be96c7ab1a624b84876

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapWalk
GenerateConsoleCtrlEvent
SwitchToFiber
GetConsoleFontSize
DeleteFileA
CreateEventW
GetNlsSectionName
CreateActCtxA
CreateFileA
FoldStringW
LocalHandle
VerLanguageNameA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE