3e84dd26f73b623153e6a553f534d221 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3e84dd26f73b623153e6a553f534d221
Size

88KB
MD5

3e84dd26f73b623153e6a553f534d221
SHA1

18a0154f95c3976e785d699d77c059c85ea62556
SHA256

5cadbc785aac672757dff304a1bf61776b41a21d2ad3e79cacc4c054d2255a18
SHA512

e6dd01670da9d664b6f9086e89d7c2065a1c61f023684440434e4ed2250988e6a3a6e48390c0c0d90d615719140651f1ebe27665834ea4ca2a42b7a3d1935675
SSDEEP

1536:gzjeQwU5jJs4zsk48G9Bc8TIrbdmSOvJOSVQtjBIZTXrGrt6836bfi:gzjeQbX14k4J68wIS4WrttBKbq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jahcii.exe

Files

3e84dd26f73b623153e6a553f534d221
.zip
jahcii.exe
.exe windows:5 windows x86 arch:x86

7055471318820c328a26e3e2572edf1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
RtlMoveMemory
OpenProcess
GetACP
GetOEMCP
VirtualFree
GetTickCount
GetCurrentProcessId
CopyFileA
GetModuleHandleA
lstrcmpiW

user32

CharNextA

Sections

.text
Size: 512B - Virtual size: 501B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Hearc Ki
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ