156f695ffd54c0cbf5e6c332e06ef7f9d50fc45ff74a1a6d7fb78e66f561f607

Sharing

Copy URL Twitter E-mail

General

Target

156f695ffd54c0cbf5e6c332e06ef7f9d50fc45ff74a1a6d7fb78e66f561f607
Size

7.7MB
MD5

34f3117bb19a5ff2c5230efa01901c55
SHA1

c52b938f3aa97611f76a488ae306fa856830c394
SHA256

156f695ffd54c0cbf5e6c332e06ef7f9d50fc45ff74a1a6d7fb78e66f561f607
SHA512

519c0e271410b6c06f8e50895ad7334f65a7dc4e6307a1fd7ff7408784214f24af1dc18ee5565c58b118e0c9e278b68f3430fbafb6addafbd76311ee42394721
SSDEEP

196608:zJcImSTAje2DbnN/nSJppoIyRgeb++Gi:9cqTqTnNfIyRgeb1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
156f695ffd54c0cbf5e6c332e06ef7f9d50fc45ff74a1a6d7fb78e66f561f607

Files

156f695ffd54c0cbf5e6c332e06ef7f9d50fc45ff74a1a6d7fb78e66f561f607
.exe windows:6 windows x64 arch:x64

1747b64365426e78e4f3a95e20bb3d7c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

CommandLineToArgvW

kernel32

EncodePointer

msvcp120

?_Winerror_map@std@@YAPEBDH@Z

msvcr120

??_V@YAXPEAX@Z

jasmeshdataset

??1JasMeshDataSetDialog@MeshSet@Jas@@UEAA@XZ

jasphotodataset

??0JasPhotoDataDialog@@QEAA@PEAVQWidget@@@Z

tjh.jas.solutionmanager

?writeSlnFile@JasSolutionManager@Jas@@QEAA_NVQString@@@Z

tjh.jas.core

?instance@JasEnvironment@Jas@@SAPEAV12@XZ

qt5widgets

?mimeData@QListWidget@@MEBAPEAVQMimeData@@V?$QList@PEAVQListWidgetItem@@@@@Z

qt5gui

?addFile@QIcon@@QEAAXAEBVQString@@AEBVQSize@@W4Mode@1@W4State@1@@Z

qt5core

?qRegisterResourceData@@YA_NHPEBE00@Z

Sections

.text
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdata
Size: - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: - Virtual size: 7.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 7.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1747b64365426e78e4f3a95e20bb3d7c

Headers

DLL Characteristics

File Characteristics

Imports

shell32

kernel32

msvcp120

msvcr120

jasmeshdataset

jasphotodataset

tjh.jas.solutionmanager

tjh.jas.core

qt5widgets

qt5gui

qt5core

Sections

.text Size: - Virtual size: 32KB

.rdata Size: - Virtual size: 100KB

.data Size: - Virtual size: 3KB

.pdata Size: - Virtual size: 1KB

.vdata Size: - Virtual size: 26KB

.text Size: - Virtual size: 7.6MB

.data Size: - Virtual size: 58KB

.text Size: 7.7MB - Virtual size: 7.7MB

.data Size: 1024B - Virtual size: 752B

.reloc Size: 512B - Virtual size: 72B

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: - Virtual size: 32KB

.rdata
Size: - Virtual size: 100KB

.data
Size: - Virtual size: 3KB

.pdata
Size: - Virtual size: 1KB

.vdata
Size: - Virtual size: 26KB

.text
Size: - Virtual size: 7.6MB

.data
Size: - Virtual size: 58KB

.text
Size: 7.7MB - Virtual size: 7.7MB

.data
Size: 1024B - Virtual size: 752B

.reloc
Size: 512B - Virtual size: 72B

.rsrc
Size: 26KB - Virtual size: 26KB