c686c20721f36df0da52594198475770exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c686c20721f36df0da52594198475770exe_JC.exe
Size

56KB
MD5

c686c20721f36df0da52594198475770
SHA1

a0e4d43bccce5d81a719851a5f357907f227f262
SHA256

43255841dea3c70ef28ab5ee57d3ed6ef2cf715ed9d4e3c5df235a24dadbda24
SHA512

3193d372f6951676efb0983d972eb37d2ed91a62c295c3adf88a73caf5f9ad783ff347fa88a64a3c2b58afd049a99905701ca7914e546044b5c9ec651b020736
SSDEEP

768:pGyiaxEKqVIFW8JhzcZSAJBbLrE+tI7Gva7zK5a9xbvLPK/Pr/QuVHX+pK2kaN/a:p7XfFgrEfGvar3bDmr/JF29X1tUhOQX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c686c20721f36df0da52594198475770exe_JC.exe

Files

c686c20721f36df0da52594198475770exe_JC.exe
.exe windows:4 windows x86

87d11dd140da17dd1163f7f7d000f550

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindActCtxSectionGuid
EnumResourceTypesA
lstrcpyn
CheckRemoteDebuggerPresent
MapUserPhysicalPages
SetCommState
GlobalWire
GetBinaryTypeA
GetNumaAvailableMemory
ReadConsoleInputW
CopyFileA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE