ce6f6239f9e764f8eb0a16e5cd61cd30exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce6f6239f9e764f8eb0a16e5cd61cd30exe_JC.exe
Size

56KB
MD5

ce6f6239f9e764f8eb0a16e5cd61cd30
SHA1

bc13092e08b8700e96b3edbfff673e2eb03feb24
SHA256

d19a3f81b274b871c6419068f54d5c3dfc9ff38212aa3f8a3b018a8b45e83f2f
SHA512

b9c333590c160cd2c72b9ac57c85a777641497c8c5e148b15baaa625c2b21172cf0dd6ed931fe40c126f60149084f2ae3d9101078d21f872ad8ac97a016eddb4
SSDEEP

1536:ztHot+A9ig6PawFIox4Y18JBygkpSmdosQ84v:doBoPawGuCJBybEDsQB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce6f6239f9e764f8eb0a16e5cd61cd30exe_JC.exe

Files

ce6f6239f9e764f8eb0a16e5cd61cd30exe_JC.exe
.exe windows:4 windows x86

30d9a80893f7d76f747408cfa60e8c38

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseConsoleHandle
TzSpecificLocalTimeToSystemTime
GetProcessAffinityMask
LZStart
WaitForSingleObject
GetProfileIntA
GetExpandedNameA
GetPrivateProfileIntA
ExitProcess
IsValidLanguageGroup

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE