a880f67f639289c3fa0dc34cd3840400exe_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a880f67f639289c3fa0dc34cd3840400exe_JC.exe
Size

67KB
MD5

a880f67f639289c3fa0dc34cd3840400
SHA1

aa02b3281a726d4f9cce71307c5a91de3c179986
SHA256

6f6d577c786e2f2ef1faf3e468444d955461d26506b69a6f29e3d1766dd23211
SHA512

904477a4e336c79b28d105ec4f1ee421781731b5ed330148b056583fa6e61b5e1927de2843f0acda20746f75dd4be6fee851bf32e475b85b059146bf7ea327f3
SSDEEP

1536:vJs3oEqe4SFg3fU/7hUMtKPBYTDZ97gt7+bJpK:vJoC4Fg3fU/dpKPB+nlbJpK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a880f67f639289c3fa0dc34cd3840400exe_JC.exe

Files

a880f67f639289c3fa0dc34cd3840400exe_JC.exe
.exe windows:4 windows x86

18b257d4806b94248cb5d5698d973368

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
GetConsoleHardwareState
GetCommTimeouts
RtlMoveMemory
FindFirstChangeNotificationW
BackupSeek
VirtualProtect
DosPathToSessionPathA
AddConsoleAliasW
SetLocaleInfoW
DisableThreadLibraryCalls

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE