c3018da794cafcfaf3528feaca1bb810exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3018da794cafcfaf3528feaca1bb810exe_JC.exe
Size

492KB
MD5

c3018da794cafcfaf3528feaca1bb810
SHA1

a367586015e9f804f3d04a582b3eb9b5f1bdfad7
SHA256

d49a98d35bcb6ff16206c6d1e1495d4ddf9f1911f785bccda24c2b1e0bfe3d03
SHA512

99aa3243b0dff3b819458f7dbd92c65668d2abac399c856de1311f9217f801f1e2864320a99701226ee5d5f9c9dc134a38db192bd629c006f3bd4d7b6901bcd4
SSDEEP

12288:58fGW4jqaSwX1sCpsLZ/Khmd/hG5417qcnevTT6fozffI8rsCu6LL4qF3:vW4jBBiesLEehG2RqcngTaMff1M6IqF3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3018da794cafcfaf3528feaca1bb810exe_JC.exe

Files

c3018da794cafcfaf3528feaca1bb810exe_JC.exe
.exe windows:4 windows x86

fbce72e3fd1373bca93ebac3614c34c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessagePos
GetMessageTime
MonitorFromRect

shell32

SHIsFileAvailableOffline

kernel32

GetCurrentThreadId

Sections

.text
Size: 485KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 317B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE