b92dd44d57660a348f1c86b14f832ad62b1e40244d5dc207622fb240e4dacf3c_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

b92dd44d57660a348f1c86b14f832ad62b1e40244d5dc207622fb240e4dacf3c_JC.exe
Size

159KB
MD5

8ec879cb49cd6e95990fe413d0bcf631
SHA1

3d66ac9c27cf7d61d30966713ca189a6ac91cb31
SHA256

b92dd44d57660a348f1c86b14f832ad62b1e40244d5dc207622fb240e4dacf3c
SHA512

9f31efa54891a94da02d4478c5b6c6cfbd375eecfd850cb09451d3c06fb7a75464854a0325438e6943bf570aaee3378c1d9a832e0e4578b8ef2b0d18c2d99ceb
SSDEEP

3072:P6/+x8zcANa8REle5Was+OddCMWSOKBDJ5:PG+x8zdNakqeNsB3ND

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b92dd44d57660a348f1c86b14f832ad62b1e40244d5dc207622fb240e4dacf3c_JC.exe

Files

b92dd44d57660a348f1c86b14f832ad62b1e40244d5dc207622fb240e4dacf3c_JC.exe
.exe windows:6 windows x86

ada5710d9e911324aa3f4e3773dccb95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
CreateFileW
ReadConsoleW
SetStdHandle
LoadLibraryW
EnumTimeFormatsW
VirtualAlloc
WriteConsoleW
SetThreadIdealProcessor
LoadLibraryExW
OutputDebugStringW
QueryPerformanceCounter
HeapReAlloc
EnumSystemLocalesEx
IsValidLocaleName
LCMapStringEx
GetUserDefaultLocaleName
GetOEMCP
GetACP
IsValidCodePage
GetModuleHandleW
TerminateProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetDefaultCommConfigA
FreeEnvironmentStringsW
ReadFile
IsBadStringPtrW
GetProcessVersion
GetCurrentProcess
SetFilePointer
GetEnvironmentStringsW
GetTickCount64
EnumCalendarInfoW
GetSystemTimeAsFileTime
GetCurrentThreadId
SetLastError
GetProcessHeap
SetFilePointerEx
GetStartupInfoW
InitOnceExecuteOnce
GetFileType
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
Sleep
EncodePointer
DecodePointer
WideCharToMultiByte
GetLocaleInfoEx
MultiByteToWideChar
GetStringTypeW
GetLastError
HeapFree
RaiseException
RtlUnwind
GetCommandLineW
InitializeCriticalSectionAndSpinCount
GetCPInfo
HeapAlloc
IsProcessorFeaturePresent
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
HeapSize
IsDebuggerPresent

rpcrt4

I_RpcAllocate
NdrNonEncapsulatedUnionBufferSize
I_RpcReceive
RpcStringBindingParseA
I_RpcAsyncSetHandle
UuidCompare

crypt32

CryptMsgOpenToDecode
CryptHashCertificate
CryptSignCertificate

setupapi

SetupDiGetDeviceInstanceIdW
SetupDiOpenDeviceInterfaceW
SetupSetPlatformPathOverrideW
SetupQueueRenameW
SetupQueueDeleteA
SetupQueryInfFileInformationA
SetupRemoveInstallSectionFromDiskSpaceListA

ws2_32

WSADuplicateSocketW
htons
WSASocketW
WSALookupServiceNextW
WSASend
shutdown
WSAEventSelect
WSASocketA
WSAAsyncGetProtoByNumber
ntohs
listen
getservbyport
WSACancelBlockingCall
WSASendTo

msvfw32

GetSaveFileNamePreviewA
ICSeqCompressFrame
ord2

avifil32

AVIGetFromClipboard
AVIMakeFileFromStreams
AVIFileCreateStreamW
AVIStreamInfoW
IID_IAVIFile
EditStreamPaste

mswsock

GetAcceptExSockaddrs
GetNameByTypeA
rresvport
EnumProtocolsW
WSARecvEx
AcceptEx
SetServiceA
GetAddressByNameW

loadperf

UnloadPerfCounterTextStringsW
LoadPerfCounterTextStringsW
LoadPerfCounterTextStringsA

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ada5710d9e911324aa3f4e3773dccb95

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

rpcrt4

crypt32

setupapi

ws2_32

msvfw32

avifil32

mswsock

loadperf

Sections

.text Size: 103KB - Virtual size: 103KB

.rdata Size: 27KB - Virtual size: 26KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 14KB - Virtual size: 14KB

.text
Size: 103KB - Virtual size: 103KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 14KB - Virtual size: 14KB