035f8a09ab780c023725a802f42f8cf0_exe32_JC[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

035f8a09ab780c023725a802f42f8cf0_exe32_JC.exe
Size

84KB
MD5

035f8a09ab780c023725a802f42f8cf0
SHA1

3ec698769a004a7ca37a81b2eb0e30f4139fbdfd
SHA256

74f5fbd68afb7b3cdb21233077dd8432a34954a0e6e812e8364b9d184268d215
SHA512

d6102e3b3cb9b9e1edf783c61195cccce12f70d1160e0cfc9ce9c65df81ad4ddffc9a87e0f66fc4f3712f9c2d5b894916b6f491ec32d0ca7ff0c89547c37d5b9
SSDEEP

1536:y7+8EjSPN8i/FZ4VfFJMokL4co/4FxdpJ0F1HLP/:0AjKN8CjYfFJMoFgFxdj0FdP/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
035f8a09ab780c023725a802f42f8cf0_exe32_JC.exe

Files

035f8a09ab780c023725a802f42f8cf0_exe32_JC.exe
.exe windows:4 windows x86

950b12d9a8b53f7804d5427f96a876c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
CopyFileA
lstrcpyA
GlobalFree
GlobalUnlock
GetVersionExA
DeleteFileA
GetCurrentProcess
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
FindFirstFileA
FormatMessageA
LocalFree
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateSemaphoreA
GetLastError
GlobalAlloc
GlobalLock
CloseHandle
WideCharToMultiByte
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
LoadLibraryA
GetProcAddress
HeapReAlloc
VirtualAlloc
GetACP
HeapAlloc
GetTimeZoneInformation
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
ExitProcess
TerminateProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
UnhandledExceptionFilter
SetFilePointer
GetCPInfo
GetOEMCP
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile

user32

GetWindowRect
MessageBoxExA
MessageBoxA
wsprintfA
LoadStringA
ExitWindowsEx
DialogBoxParamA
DestroyWindow
CreateDialogParamA
MoveWindow
EndDialog
GetDesktopWindow

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegDeleteKeyA

lz32

LZCopy
LZOpenFileA
LZClose

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.trdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

950b12d9a8b53f7804d5427f96a876c4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

lz32

version

Sections

.text Size: 36KB - Virtual size: 33KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 2KB

.trdata Size: 20KB - Virtual size: 20KB

.text
Size: 36KB - Virtual size: 33KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 2KB

.trdata
Size: 20KB - Virtual size: 20KB