a7127f3e3f114cc84004fa863af6ba60_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a7127f3e3f114cc84004fa863af6ba60_JC.exe
Size

59KB
MD5

a7127f3e3f114cc84004fa863af6ba60
SHA1

2c22b4b6993e27f77f8d8a28318058bfc3119315
SHA256

500a690f545fbbe3aff0284987b9587b7a955b0a94574a47cdf318febb675b2d
SHA512

8995b4b7e3b8d6a68e92eb4b8f6a47d24a988d8169eb9d31128b91dc2a86370860681c75cf6c84b8fc2f7bddd771c97a21b5fbd815343725e307979d38abbedd
SSDEEP

768:gk8KicLa/wlpSyiUg4ysfp/l58pvpIgugNUuV8kxqtGzcyGAK8NoAAeiSLhZpBMB:gBcCvxawFcefKFeiSvM4vNbdJ/PZ83h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a7127f3e3f114cc84004fa863af6ba60_JC.exe

Files

a7127f3e3f114cc84004fa863af6ba60_JC.exe
.exe windows:4 windows x86

bbc1a2c9685987c0467419ae35f00f7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextChangeNotification
GetStringTypeW
GetCurrentConsoleFont
TermsrvOpenUserClasses
GetPrivateProfileSectionW
IsWow64Process2
ReplaceFile
OpenPackageInfoByFullName
WritePrivateProfileStringW
SetInformationJobObject

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 36KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE