bf82d925ec3aef336e3107105298e8c0exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf82d925ec3aef336e3107105298e8c0exe_JC.exe
Size

273KB
MD5

bf82d925ec3aef336e3107105298e8c0
SHA1

b693404d4da88c618a47cf06e84e5f990995edb8
SHA256

9feb9fd5a21f04d3b780d15630237ce5cd0949c80d29d8eb7f86b302b4877c5a
SHA512

0625e93057d65717dd7d44741336c07e5b8512ba89314fcc7594ce2920b500699905aaa3704716c0bde5f488c51c358b1ff059e61ced7be3291c980b372738e7
SSDEEP

6144:pY5uec87cPQs1dsrQox+I6kXSS/fu+SBVGqmNP:K5Y8oYoyrQ4dSG/Sk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf82d925ec3aef336e3107105298e8c0exe_JC.exe

Files

bf82d925ec3aef336e3107105298e8c0exe_JC.exe
.exe windows:5 windows x86

a4369b36d40a36ec40b51c87262b293d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
CloseHandle
GetVolumeInformationA
AddAtomA
HeapAlloc
GetProcessHeap
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
TerminateProcess
GetCurrentProcess
IsDebuggerPresent

user32

MessageBoxA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 824B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 582B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 254KB - Virtual size: 254KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ