24897b0e9ecc12f10d0c2e3174a865725a23d231cb0a55520be2cec28ba4fa77[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

24897b0e9ecc12f10d0c2e3174a865725a23d231cb0a55520be2cec28ba4fa77.exe
Size

3.7MB
MD5

b366cbb4852da0a777ddf899c0d80090
SHA1

b4f783bcb63884d7dcf1566838740d4fce66d8e0
SHA256

24897b0e9ecc12f10d0c2e3174a865725a23d231cb0a55520be2cec28ba4fa77
SHA512

3ea010ebbaa080cd9f9065e5e944259042e0f8974b74cb223fd2a0c3be57579df56c4237cf97a12dbd8a0ab64339109aff41f23023f97e5a0962cdcc97b813e3
SSDEEP

49152:3u2rh0qEzpkQFprq1GEqKlaCA7z6sCemZbpCsNCDDsCBafzQJp:+sJpvQOosClJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24897b0e9ecc12f10d0c2e3174a865725a23d231cb0a55520be2cec28ba4fa77.exe

Files

24897b0e9ecc12f10d0c2e3174a865725a23d231cb0a55520be2cec28ba4fa77.exe
.dll windows:6 windows x64 arch:x64

f7bbbf953808b6a6479d97c2beb9997a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\workspace\openjdk-build\workspace\build\src\build\windows-x86_64-normal-server-release\vm\runtime\j9gc_full29.pdb

Imports

j9thr29

omrthread_attr_set_stacksize
omrthread_attr_set_category
omrthread_tls_get
omrthread_get_category
omrthread_get_self_cpu_time
omrthread_rwmutex_enter_write
omrthread_rwmutex_try_enter_write
omrthread_rwmutex_exit_write
omrthread_attr_set_priority
j9sem_init
j9sem_post
j9sem_wait
omrthread_get_priority
omrthread_detach
omrthread_sleep_interruptable
omrthread_attr_destroy
omrthread_attach_ex
omrthread_monitor_try_enter
j9sem_destroy
omrthread_attr_init
omrthread_numa_set_node_affinity
omrthread_get_process_times
omrthread_suspend
omrthread_resume
omrthread_nanosleep
omrthread_set_priority
omrthread_set_category
omrthread_sleep
omrthread_monitor_notify
omrthread_monitor_exit_using_threadId
omrthread_monitor_enter_using_threadId
omrthread_numa_get_node_affinity
omrthread_monitor_owned_by_self
omrthread_yield
omrthread_set_name
omrthread_self
omrthread_monitor_wait_timed
omrthread_monitor_wait
omrthread_monitor_notify_all
omrthread_exit
omrthread_monitor_init_with_name
omrthread_monitor_destroy
omrthread_attr_set_schedpolicy
omrthread_monitor_exit
omrthread_create_ex
omrthread_monitor_enter

kernel32

IsDebuggerPresent
GetSystemTimeAsFileTime
DeleteTimerQueueTimer
CreateTimerQueueTimer
QueryPerformanceCounter
GetCurrentProcessId
DisableThreadLibraryCalls
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter

vcruntime140

strstr
__std_type_info_destroy_list
__C_specific_handler
memmove
strchr
memset
memcpy
memcmp
_purecall

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_errno
abort
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit
_wassert

api-ms-win-crt-string-l1-1-0

strncmp
strcmp
strncpy

api-ms-win-crt-math-l1-1-0

ceil
powf
sqrt
pow
sqrtf
logf

api-ms-win-crt-utility-l1-1-0

qsort
rand

api-ms-win-crt-convert-l1-1-0

atoi
_strtod_l
strtod

j9hookable29

J9HookInitializeInterface

api-ms-win-crt-locale-l1-1-0

localeconv
_free_locale
_create_locale

Exports

Exports

J9VMDllMain
JVM_OnLoad

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7bbbf953808b6a6479d97c2beb9997a

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

j9thr29

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-convert-l1-1-0

j9hookable29

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 1.9MB - Virtual size: 1.9MB

.rdata Size: 1.7MB - Virtual size: 1.7MB

.data Size: 22KB - Virtual size: 23KB

.pdata Size: 71KB - Virtual size: 70KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 1.9MB - Virtual size: 1.9MB

.rdata
Size: 1.7MB - Virtual size: 1.7MB

.data
Size: 22KB - Virtual size: 23KB

.pdata
Size: 71KB - Virtual size: 70KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 11KB - Virtual size: 11KB