0a834f4f20c462ac7359dffd7a54c7a0_exe32_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a834f4f20c462ac7359dffd7a54c7a0_exe32_JC.exe
Size

66KB
MD5

0a834f4f20c462ac7359dffd7a54c7a0
SHA1

1e946491ac097be0271840b43695211fe6950929
SHA256

76ced8c186f05feaa49a3fb86d153b8a220428c640a93327d5201bb434dd7683
SHA512

8d2e6bb5727967acf7a0bf0d57c5bf6a867dd98a983e94be71c714b3b4bb0c2d4fa1a2398137ff5301b527cbb8d1cb7e84066c51c51bf882310ae3276c84db94
SSDEEP

1536:38PQM+RrAT/Q5xXkU4WWqImsPO3GRI2Ld4vG:uc5KUE4UdB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a834f4f20c462ac7359dffd7a54c7a0_exe32_JC.exe

Files

0a834f4f20c462ac7359dffd7a54c7a0_exe32_JC.exe
.exe windows:4 windows x86

16536cbbce5e7e2ffabb96c5e0d2a101

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetNamedPipeServerSessionId
SwitchToFiber
K32EnumPageFilesW
CloseHandle
GetVersionExW
InitOnceInitialize
Module32FirstW
GetEnvironmentStringsW
GetConsoleCommandHistoryLengthW
GetFileAttributesTransactedA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE