bf01ca3c95545cd532187365066f9430exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf01ca3c95545cd532187365066f9430exe_JC.exe
Size

62KB
MD5

bf01ca3c95545cd532187365066f9430
SHA1

479ba2af511bbeeef31446bc441e62ebdadcbc52
SHA256

90adb2bb8e6d5f678caa498993bde425eab3f9e16b17d9071bb93bc40aa07a2f
SHA512

ce0a7ee1da04099dbe4aec484ea522c828666be6e34ee91f0db4f7ce395d15af4626906a59676671b183174cbb58a18dc78f23acc01a9f1ee554a17052de37e4
SSDEEP

1536:P1/s0ittVwf4yKqtDnju+SMqRIUYfepYphMx:t/s082fH7jdsIUY/4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf01ca3c95545cd532187365066f9430exe_JC.exe

Files

bf01ca3c95545cd532187365066f9430exe_JC.exe
.exe windows:4 windows x86

36aa806c3fd9006d470cf37e4be8a7d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DosPathToSessionPathW
Heap32ListNext
WritePrivateProfileStructW
GetDefaultSortkeySize
SearchPathW
LocalFileTimeToFileTime
PrivCopyFileExW
GetProcessShutdownParameters
FreeUserPhysicalPages
FreeEnvironmentStringsW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE