Static task: static1

Behavioral task: behavioral1
Sample: 0757d3d56ea1ff76fecb53c667975300_exe32_JC.exe
Resource: win7-20230831-en

Behavioral task: behavioral2
Sample: 0757d3d56ea1ff76fecb53c667975300_exe32_JC.exe
Resource: win10v2004-20230915-en

General
Target: 0757d3d56ea1ff76fecb53c667975300_exe32_JC.exe
Size: 108KB
MD5: 0757d3d56ea1ff76fecb53c667975300
SHA1: 3a7994ef0f81c7d5bb6d9e1e77dbd7bfd6b580fa
SHA256: ded3b2166e838552881db7f72ca976a04462846389e3016dba3f771b23fde76c
SHA512: 21d5f7f8301593d08dd6d65623d0b0c56089fb43eae82d4d5cb18ab11124fb4ef06a6a07b6e4d8c4c64cf0337774921643483211d6b8b26ae2d5c5eae7a92f94
SSDEEP: 1536:50Em5ya/dGIp4Hmph5AsaBOIl6ClAS7ycnkkPKtFfGtqNQyYb:5m5yqzdS2tFutqC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0757d3d56ea1ff76fecb53c667975300_exe32_JC.exe
Files
0757d3d56ea1ff76fecb53c667975300_exe32_JC.exe.exe windows:4 windows x86
0db5d8ece2672fe90e3d2ebba175f171
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetPrivateProfileIntA
GetCurrentDirectoryA
WritePrivateProfileStringA
GetTickCount
GetLocalTime
CreateDirectoryA
GetPrivateProfileStringA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
CopyFileA
DeleteFileA
WideCharToMultiByte
DeleteCriticalSection
CreateThread
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
OpenProcess
WaitForSingleObject
CreateMutexA
GetSystemDirectoryA
ExitProcess
WriteFile
SetFilePointer
LoadLibraryA
CreateProcessA
ReadFile
InterlockedExchange
MultiByteToWideChar
SetHandleCount
GetModuleFileNameA
GetStdHandle
VirtualFree
HeapCreate
LCMapStringW
LCMapStringA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetProcAddress
FreeLibrary
Sleep
CreateFileA
CloseHandle
GetLastError
GetCurrentThreadId
SetLastError
GetFileType
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
IsValidCodePage
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
VirtualAlloc
GetModuleHandleA
GetCommandLineA
GetStartupInfoA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
user32
IsWindow
DialogBoxParamA
SendMessageA
SetWindowPos
EndDialog
PostMessageA
wsprintfA
UnregisterClassA
advapi32
ControlService
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
psapi
GetModuleBaseNameA
EnumProcesses
shlwapi
PathAppendA
PathIsDirectoryA
ws2_32
WSASetLastError
bind
listen
getsockname
WSASocketA
gethostname
socket
setsockopt
connect
send
recv
shutdown
closesocket
WSACleanup
WSAStartup
ntohs
gethostbyaddr
htons
getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr
getservbyport
Sections
.text Size: 72KB - Virtual size: 70KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ