D:\Code\JZProject\JxUninst2\Bin\JxUninst\JxUninst.pdb
Static task: static1
Behavioral task: behavioral1 (Sample: ad94c3dba32d555f462a8b453fccb5941a4c97cf9a4368f1932d32d2378157c0.exe, Resource: win7-20240704-en)
Behavioral task: behavioral2 (Sample: ad94c3dba32d555f462a8b453fccb5941a4c97cf9a4368f1932d32d2378157c0.exe, Resource: win10v2004-20240802-en)
General
Target: ad94c3dba32d555f462a8b453fccb5941a4c97cf9a4368f1932d32d2378157c0
Size: 9.4MB
MD5: b79ace084168440c17d9cde0cc401966
SHA1: a53ffb8fb3d6e7f48970177a3bca96e238eea621
SHA256: ad94c3dba32d555f462a8b453fccb5941a4c97cf9a4368f1932d32d2378157c0
SHA512: 74eb608964997a528fd212950e7b417fa1f2d9af4960118990530ffcc96d3bc2db87c26ff0b4a353949de07b6500521706e6fc3fd884e1efc3aef5ff30cd15ae
SSDEEP: 196608:AYFGKIhdFB3OaLeIM3+6wFKnM27N0ZcPpIBHpIBi:1FGKwdFB9SIMu
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
resource: ad94c3dba32d555f462a8b453fccb5941a4c97cf9a4368f1932d32d2378157c0
Files
-
ad94c3dba32d555f462a8b453fccb5941a4c97cf9a4368f1932d32d2378157c0.exe windows:6 windows x86 arch:x86
095e6b4dbfa05af66b83c9b71a939892
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
kernel32
LoadLibraryA
GetModuleHandleA
GetVersionExA
GetVersionExW
MulDiv
FindResourceW
SizeofResource
LockResource
LoadResource
FreeResource
SetLastError
FlushInstructionCache
HeapFree
HeapAlloc
HeapDestroy
lstrlenA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
RtlCaptureStackBackTrace
ReleaseSemaphore
CloseHandle
CreateFileW
GetTickCount
GetTempFileNameW
GetDriveTypeW
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
GetLastError
MultiByteToWideChar
FindClose
FindNextFileW
FindFirstFileW
RemoveDirectoryW
GetLocalTime
GetModuleHandleW
HeapCreate
SetCurrentDirectoryW
GetCommandLineW
GetTickCount64
GetNativeSystemInfo
GetSystemInfo
WriteConsoleW
HeapSize
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
HeapReAlloc
FlushFileBuffers
GetFileSizeEx
SetStdHandle
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetModuleFileNameW
SetConsoleCtrlHandler
ExitThread
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
RtlUnwind
WaitForMultipleObjectsEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
CreateMutexW
SetProcessAffinityMask
VirtualFree
VirtualProtect
VirtualAlloc
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ResetEvent
SetEvent
GetCurrentProcessId
SystemTimeToFileTime
GetSystemTime
GetModuleHandleExW
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
PeekNamedPipe
GetStdHandle
GetFileType
WaitForMultipleObjects
ExpandEnvironmentStringsA
WaitForSingleObject
VerifyVersionInfoW
VerSetConditionMask
SleepEx
FormatMessageA
GetStringTypeExA
GetUserDefaultLCID
LCMapStringA
GetStringTypeExW
AreFileApisANSI
K32GetModuleFileNameExW
QueryFullProcessImageNameW
OpenProcess
Module32NextW
Module32FirstW
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
DeviceIoControl
CreateFileA
GetSystemDirectoryA
GetLongPathNameW
GetTempPathW
GetFileAttributesW
ReadFile
GetFileSize
GetSystemDirectoryW
GetCurrentDirectoryW
GetFullPathNameW
WriteFile
WritePrivateProfileStringW
GetPrivateProfileStringW
TryEnterCriticalSection
Sleep
GetCurrentThreadId
OutputDebugStringA
WideCharToMultiByte
LoadLibraryW
GetProcAddress
FreeLibrary
GlobalUnlock
GlobalLock
MoveFileExW
CopyFileW
CreateDirectoryExW
GetWindowsDirectoryW
SetFileTime
SetFilePointerEx
SetFileAttributesW
SetEndOfFile
GetFileTime
GetFileInformationByHandle
GetFileAttributesExW
DeleteFileW
CreateDirectoryW
GetEnvironmentVariableW
LocalFree
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventW
InitializeCriticalSectionAndSpinCount
QueryPerformanceFrequency
QueryPerformanceCounter
RaiseException
DecodePointer
EncodePointer
GetExitCodeThread
SwitchToThread
WaitForSingleObjectEx
GetStringTypeW
FormatMessageW
IsBadReadPtr
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedPopEntrySList
GlobalFree
GlobalAlloc
OutputDebugStringW
ResumeThread
SuspendThread
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetConsoleCP
user32
CharPrevW
FindWindowW
CharLowerA
CharUpperA
CharLowerW
CharUpperW
GetWindowThreadProcessId
GetForegroundWindow
AttachThreadInput
GetWindowTextW
GetClassNameW
SendMessageTimeoutW
MonitorFromWindow
SetParent
MessageBoxW
GetClientRect
DrawIconEx
GetUserObjectInformationW
GetProcessWindowStation
LoadStringW
LoadStringA
GetGUIThreadInfo
OpenClipboard
CloseClipboard
GetClipboardData
EmptyClipboard
SetClipboardData
GetSystemMetrics
DestroyIcon
OffsetRect
IntersectRect
IsRectEmpty
IsWindowVisible
ScreenToClient
MessageBoxA
SetCursor
GetActiveWindow
DestroyWindow
LoadCursorW
DestroyCursor
SetTimer
KillTimer
CopyRect
InflateRect
UnionRect
TrackMouseEvent
PostQuitMessage
AnimateWindow
SetLayeredWindowAttributes
IsZoomed
GetCapture
SetCapture
ReleaseCapture
UpdateWindow
BeginPaint
EndPaint
InvalidateRect
CharNextW
GetMonitorInfoW
SetRect
ClientToScreen
PtInRect
ShowWindow
EnableWindow
GetFocus
SetWindowTextW
SetForegroundWindow
SystemParametersInfoW
SetFocus
EqualRect
IsIconic
SendMessageW
GetIconInfoExW
CreateCaret
GetCaretBlinkTime
HideCaret
SetCaretPos
SetWindowLongW
DefWindowProcW
CallWindowProcW
GetParent
MoveWindow
MonitorFromRect
UnregisterClassW
RegisterClassExW
CreateWindowExW
GetDlgItem
MapWindowPoints
GetWindow
IsWindowEnabled
SetActiveWindow
GetKeyState
GetMessageW
GetWindowLongW
GetDC
ReleaseDC
GetWindowRect
SetWindowPos
GetDesktopWindow
PostMessageW
IsWindow
GetCursorPos
TranslateMessage
CopyIcon
CallMsgFilterW
WaitMessage
SetMenuContextHelpId
GetMenuItemInfoW
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DeleteMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
CheckMenuItem
DestroyMenu
CreatePopupMenu
IsMenu
UpdateLayeredWindow
MapVirtualKeyA
CharLowerBuffW
SystemParametersInfoA
DrawTextW
GetWindowPlacement
LoadIconW
GetSysColor
EnableMenuItem
GetIconInfo
LoadImageW
CreateIconFromResource
LoadBitmapW
PeekMessageW
DispatchMessageW
gdi32
GetObjectW
GetTextFaceW
ExtTextOutW
SetWorldTransform
GetTextMetricsW
SetTextAlign
SetViewportOrgEx
CreateCompatibleBitmap
StretchBlt
GetDCOrgEx
SetBkMode
Rectangle
GetStockObject
GetClipBox
CreateSolidBrush
CreateFontIndirectW
SetGraphicsMode
CreateRoundRectRgn
EnumFontsW
SelectObject
DeleteDC
CreateCompatibleDC
CreateBitmap
BitBlt
GetCurrentObject
DeleteObject
GdiFlush
GetDeviceCaps
SetTextColor
ExtCreateRegion
GetRegionData
IntersectClipRect
SelectClipRgn
CreateDIBSection
GetViewportOrgEx
EnumFontFamiliesExW
GetCharABCWidthsW
GetFontData
GetGlyphOutlineW
GetOutlineTextMetricsW
GetFontUnicodeRanges
GetGlyphIndicesW
GetTextExtentPointI
AddFontMemResourceEx
RemoveFontMemResourceEx
advapi32
CryptEnumProvidersW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
RegOpenKeyExW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
CryptSignHashW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
CryptDestroyKey
shell32
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHFileOperationW
SHCreateDirectoryExW
SHGetKnownFolderPath
ShellExecuteW
SHGetPathFromIDListW
CommandLineToArgvW
ole32
OleLockRunning
CreateBindCtx
CoCreateInstance
CLSIDFromProgID
CoCreateGuid
IIDFromString
CLSIDFromString
OleUninitialize
OleInitialize
CoTaskMemFree
CreateStreamOnHGlobal
oleaut32
VariantClear
VariantInit
GetErrorInfo
VariantChangeType
SetErrorInfo
SysAllocString
SysFreeString
CreateErrorInfo
wininet
InternetReadFile
InternetCloseHandle
InternetGetConnectedState
InternetOpenW
InternetSetOptionW
InternetOpenUrlW
shlwapi
StrToIntExW
StrCmpW
StrCpyW
PathCompactPathW
PathIsDirectoryW
PathFileExistsW
PathStripPathW
PathRemoveExtensionW
PathFindExtensionW
PathRemoveFileSpecW
SHDeleteEmptyKeyW
SHDeleteKeyW
StrRChrW
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertGetCertificateContextProperty
CertFreeCertificateContext
CertOpenStore
ws2_32
recvfrom
sendto
ioctlsocket
gethostname
gethostbyname
getnameinfo
shutdown
select
freeaddrinfo
getaddrinfo
WSACleanup
WSAStartup
WSAIoctl
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
listen
WSAGetLastError
WSASetLastError
__WSAFDIsSet
socket
accept
wldap32
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46
ord219
ord145
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
gdiplus
GdipCreateTexture2I
GdipScaleTextureTransform
GdipDisposeImage
GdipGetImageGraphicsContext
GdipSetSmoothingMode
GdipFillEllipseI
GdipCloneImage
GdipDeleteBrush
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipCloneBrush
GdipBitmapLockBits
GdipSaveImageToFile
GdipBitmapUnlockBits
GdipGetImageEncodersSize
GdipGetImageEncoders
GdipGetPropertyItemSize
GdipDrawImageI
GdipCreateBitmapFromFile
GdipDeleteGraphics
GdipImageGetFrameCount
GdipCreateBitmapFromFileICM
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdiplusShutdown
GdiplusStartup
GdipCreateFromHDC
GdipDrawImagePointRectI
GdipGetImageThumbnail
GdipGraphicsClear
GdipDrawImageRectI
GdipAlloc
GdipFree
dwmapi
DwmSetWindowAttribute
imm32
ImmGetVirtualKey
ImmAssociateContext
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext
ImmSetCandidateWindow
msimg32
AlphaBlend
usp10
ScriptItemize
ScriptShape
ScriptFreeCache
opengl32
wglGetCurrentContext
wglGetProcAddress
Exports
?get_lock@singleton_module@serialization@boost@@AAEAA_NXZ
?is_locked@singleton_module@serialization@boost@@QAE_NXZ
?lock@?1??get_lock@singleton_module@serialization@boost@@AAEAA_NXZ@4_NA
?lock@singleton_module@serialization@boost@@QAEXXZ
?unlock@singleton_module@serialization@boost@@QAEXXZ
Sections
.text Size: 5.3MB - Virtual size: 5.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 99KB - Virtual size: 204KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 277KB - Virtual size: 277KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ