ff331ea7bbf32ca6b5d868575c0e6d10exe_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ff331ea7bbf32ca6b5d868575c0e6d10exe_JC.exe
Size

681KB
MD5

ff331ea7bbf32ca6b5d868575c0e6d10
SHA1

a2b20a13142fd104f5812195a7bdf95a06b00084
SHA256

12e804839ca3b20dd793d57ed984da437b9e2f4fe15d34c81418aee99dbd4ea3
SHA512

09e53e832a47e1a6ec255ef817b2f3919272b238dbcb628fe7f9014d6b28a37e703984d4a05d47d2ac08057a81a9226f3854e41c6b348fc826349c3b05f1a08d
SSDEEP

6144:TISKWm/QH4KoxTfpDXZe259wVqP96BP9/yWVbUyLEfoUzsJoN6/gcQ:TIStMTxTrAG9k9bdUgT4IQ

Score

1^/10

Malware Config

Signatures

Files

ff331ea7bbf32ca6b5d868575c0e6d10exe_JC.exe
.exe windows:4 windows x86

79c181497f57639b8f9d14dc99711b1c

Code Sign

7c:ec:88:7e:3a:0e:10:a6:3f:47:c7:2b:25:75:1a:b9
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/01/2011, 00:00

Not After

27/01/2013, 23:59

Subject

CN=Lavasoft Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Lavasoft Limited,L=Sliema,ST=SLM,C=MT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7c:62:d7:5a:cc:05:cd:7d:a7:71:ef:a0:dc:a5:f9:7d:37:4b:b0:36
Signer

Actual PE Digest

7c:62:d7:5a:cc:05:cd:7d:a7:71:ef:a0:dc:a5:f9:7d:37:4b:b0:36

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
QueryPerformanceCounter
GetTickCount
GetCurrentProcess
GetCurrentProcessId
MultiByteToWideChar
VirtualAllocEx
LocalAlloc

advapi32

ImpersonateSelf
RevertToSelf
GetFileSecurityW
AccessCheck
FreeSid
LookupAccountSidW
AllocateAndInitializeSid
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegEnumKeyExW
GetSecurityInfo
SetEntriesInAclW
SetSecurityInfo
RegOpenKeyExW
RegSetValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetTokenInformation
SetSecurityDescriptorOwner
OpenSCManagerW
RegConnectRegistryW
GetUserNameW
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
CheckTokenMembership

shlwapi

StrStrIW
StrCmpNIW

user32

CreateWindowExA
CreateDialogParamA
LoadBitmapA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 632KB - Virtual size: 631KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79c181497f57639b8f9d14dc99711b1c

Code Sign

7c:ec:88:7e:3a:0e:10:a6:3f:47:c7:2b:25:75:1a:b9Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

7c:62:d7:5a:cc:05:cd:7d:a7:71:ef:a0:dc:a5:f9:7d:37:4b:b0:36Signer

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

user32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 20KB - Virtual size: 73KB

.rsrc Size: 632KB - Virtual size: 631KB

7c:ec:88:7e:3a:0e:10:a6:3f:47:c7:2b:25:75:1a:b9
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

7c:62:d7:5a:cc:05:cd:7d:a7:71:ef:a0:dc:a5:f9:7d:37:4b:b0:36
Signer

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 20KB - Virtual size: 73KB

.rsrc
Size: 632KB - Virtual size: 631KB