c4a8683b1e424cfbb23eb8249b341617 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c4a8683b1e424cfbb23eb8249b341617
Size

179KB
MD5

c4a8683b1e424cfbb23eb8249b341617
SHA1

2474eb00dd490a842e8684bf6474a403b2f1b01f
SHA256

b7272f0bed8916d943d0ff6445e0db59aaa094a6eb6067499d66ca1ee913992b
SHA512

cb4472eed3fd9d920dfd3443bce0c319c0143429cbd6bca4506f34cb4e8cad14a05c4dcd8285ce315d5f3ebfb5277cded2ad89004cc4b9d97f0de139888442d5
SSDEEP

3072:ybMqIjLMR9xSjNSKm3D5eIy9o8tUn5LkE3uicIIG3iF3I146WZha:ybMqIjKxfK9LZUpiInUT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c4a8683b1e424cfbb23eb8249b341617

Files

c4a8683b1e424cfbb23eb8249b341617
.dll windows:4 windows x86 arch:x86

1de90a3ca52787b5a689312a51f1ab17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

jgme500

ord7
ord6

jgst500

JgstmFindARTSegment

jgid500

JgpIDecGetReport
JgpIDecSetEOF
JgpIDecQuery
JgpIDecGetMask
JgpIDecGetImage
JgpIDecInput
JgpIDecOpenContext
JgpIDecOpenDecoder
JgpIDecCloseDecoder
JgpIDecGetPalette
JgpIDecCloseContext

kernel32

LoadLibraryA
FreeLibrary
GetProcAddress

msvcrt

malloc
_adjust_fdiv
_initterm
free

Exports

Exports

JgCPCloseART
JgCPIdentifyART
JgCPImageART
JgCPInputART
JgCPMaskART
JgCPOpenART
JgCPPaletteART
JgCPQueryART
JgCPReportART
JgCPSetCallbackART
JgCPSetEOFART
JgCPShutDownART
JgCPStartUpART
JgCPVxDHeartBeatART
jgcpDrvDeRegisterTask

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 856B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ