Static task
static1
Behavioral task
behavioral1
Sample
a7127f3e3f114cc84004fa863af6ba60_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
a7127f3e3f114cc84004fa863af6ba60_JC.exe
Resource
win10v2004-20230915-en
General
Target
a7127f3e3f114cc84004fa863af6ba60_JC.exe
Size
59KB
MD5
a7127f3e3f114cc84004fa863af6ba60
SHA1
2c22b4b6993e27f77f8d8a28318058bfc3119315
SHA256
500a690f545fbbe3aff0284987b9587b7a955b0a94574a47cdf318febb675b2d
SHA512
8995b4b7e3b8d6a68e92eb4b8f6a47d24a988d8169eb9d31128b91dc2a86370860681c75cf6c84b8fc2f7bddd771c97a21b5fbd815343725e307979d38abbedd
SSDEEP
768:gk8KicLa/wlpSyiUg4ysfp/l58pvpIgugNUuV8kxqtGzcyGAK8NoAAeiSLhZpBMB:gBcCvxawFcefKFeiSvM4vNbdJ/PZ83h
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a7127f3e3f114cc84004fa863af6ba60_JC.exe
Files
a7127f3e3f114cc84004fa863af6ba60_JC.exe.exe windows:4 windows x86
bbc1a2c9685987c0467419ae35f00f7f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindNextChangeNotification
GetStringTypeW
GetCurrentConsoleFont
TermsrvOpenUserClasses
GetPrivateProfileSectionW
IsWow64Process2
ReplaceFile
OpenPackageInfoByFullName
WritePrivateProfileStringW
SetInformationJobObject
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 36KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE