84cb1f9abf89d9a21c7f94c3f6a5a74322a545547372de1210fb005c3731d05cN

Sharing

Copy URL Twitter E-mail

General

Target

84cb1f9abf89d9a21c7f94c3f6a5a74322a545547372de1210fb005c3731d05cN
Size

341KB
MD5

f1e4d42898437eebf8aa15b1b8779500
SHA1

ab5ef513e6bf5f88916230f3673dad81f3ccb0db
SHA256

84cb1f9abf89d9a21c7f94c3f6a5a74322a545547372de1210fb005c3731d05c
SHA512

5d9f1b606b941e963b6a298c4d80eaf9ccbdc47a1258efca6de8832b4518af2734d8860df3bea1ba2baf40bd464cdd5032cd9e5dd00c1b004f7358b22f51a0e3
SSDEEP

6144:4tCkdVjWyoWRjh/VnTBQSY3iQdEh39QiZN:0CkdVjWyoWRjztY3ix97H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84cb1f9abf89d9a21c7f94c3f6a5a74322a545547372de1210fb005c3731d05cN

Files

84cb1f9abf89d9a21c7f94c3f6a5a74322a545547372de1210fb005c3731d05cN
.exe windows:4 windows x86 arch:x86

96dc3659d872ba582b678abeb950fe33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\BUILD_AREA\jdk6_01\control\build\windows-i586\tmp\deploy\plugin\jucheck\obj\jucheck.pdb

Imports

advapi32

RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

user32

GetDC
DestroyWindow
FillRect
SetCapture
ReleaseCapture
GetSysColor
DefWindowProcA
MsgWaitForMultipleObjects
IsWindowUnicode
GetMessageW
GetMessageA
TranslateMessage
DispatchMessageW
DispatchMessageA
PeekMessageA
wsprintfA
GetDesktopWindow
GetWindowLongA
SetWindowLongA
SetWindowPos
GetClassNameA
GetParent
CreateAcceleratorTableA
CreateWindowExA
LoadCursorA
GetClassInfoExA
ReleaseDC
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
DialogBoxIndirectParamA
LoadImageA
PostMessageA
TrackPopupMenu
SetForegroundWindow
InvalidateRect
InvalidateRgn
CallWindowProcA
EndPaint
BeginPaint
SetFocus
GetWindow
IsChild
GetFocus
SendMessageA
IsWindow
GetDlgItem
GetCursorPos
AppendMenuA
CreatePopupMenu
PostQuitMessage
ShowWindow
RegisterClassA
EnableWindow
SetCursor
PtInRect
GetWindowRect
EndDialog
LoadBitmapA
GetDlgCtrlID
SetWindowContextHelpId
MapDialogRect
LoadStringA
MessageBoxA
DestroyAcceleratorTable
RegisterClassExA
RedrawWindow
CharNextA
UnregisterClassA
GetClientRect

gdi32

SetTextColor
SetBkMode
SaveDC
SetGraphicsMode
ModifyWorldTransform
SetViewportOrgEx
SetWindowOrgEx
DPtoLP
CreateFontIndirectA
RestoreDC
CreateSolidBrush
GetStockObject
GetObjectA
GetDeviceCaps
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
DeleteDC
SelectObject
DeleteObject
StretchBlt

comctl32

ord17

wintrust

WinVerifyTrust

wininet

HttpAddRequestHeadersA
InternetTimeFromSystemTime
InternetErrorDlg
InternetTimeToSystemTime
InternetReadFile
InternetGetConnectedState
InternetOpenA
InternetCrackUrlA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetCloseHandle

urlmon

URLDownloadToFileA

shell32

Shell_NotifyIconA
ShellExecuteA

kernel32

GetTempPathA
LockResource
GlobalHandle
GlobalFree
SetLastError
GlobalLock
GlobalUnlock
MulDiv
GetCurrentThreadId
CreateProcessA
GetExitCodeProcess
CreateFileA
GetFileSize
GetFileTime
FileTimeToSystemTime
Sleep
SystemTimeToFileTime
CompareFileTime
QueryPerformanceCounter
SetEndOfFile
WaitForSingleObject
WriteFile
HeapAlloc
FormatMessageA
HeapFree
GetCurrentProcess
FlushInstructionCache
LeaveCriticalSection
EnterCriticalSection
GlobalAlloc
lstrcmpA
lstrcpyA
lstrcatA
IsDBCSLeadByte
lstrcpynA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
lstrlenA
MultiByteToWideChar
GetModuleHandleA
lstrlenW
InterlockedDecrement
InterlockedIncrement
DeleteFileA
SetEvent
WaitForMultipleObjects
ResetEvent
CreateThread
CreateEventA
GetSystemTime
GetProcAddress
LoadLibraryA
GetSystemInfo
GetEnvironmentVariableA
LocalFree
SystemTimeToTzSpecificLocalTime
GetTickCount
GetCurrentProcessId
ReadFile
SetHandleInformation
CreatePipe
GetStartupInfoA
GetProcessHeap
ExitProcess
GetSystemTimeAsFileTime
SetFilePointer
GetCommandLineA
lstrcmpiA
CreateMutexA
GetLastError
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoInitializeSecurity
StringFromGUID2
OleLockRunning
CreateStreamOnHGlobal
CoGetClassObject
CLSIDFromProgID
CLSIDFromString
OleInitialize
StringFromCLSID
OleUninitialize

oleaut32

OleCreateFontIndirect
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
VariantInit
VariantClear
SysFreeString
SysStringByteLen
SysStringLen
SysAllocString
SysAllocStringLen

msvcr71

_strdup
_stricmp
_strcmpi
srand
strncat
strncpy
time
localtime
asctime
sscanf
_controlfp
__security_error_handler
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_amsg_exit
_purecall
_splitpath
??2@YAPAXI@Z
strstr
sprintf
_CxxThrowException
realloc
??_U@YAPAXI@Z
_resetstkoflw
malloc
strncmp
__CxxFrameHandler
??_V@YAXPAX@Z
??3@YAXPAX@Z
free
_except_handler3
rand
strrchr
isspace
iswspace
memset
?terminate@@YAXXZ
__dllonexit
_onexit
??1type_info@@UAE@XZ
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
strtol

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.krdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

96dc3659d872ba582b678abeb950fe33

Headers

File Characteristics

PDB Paths

Imports

advapi32

user32

gdi32

comctl32

wintrust

wininet

urlmon

shell32

kernel32

ole32

oleaut32

msvcr71

Sections

.text Size: 72KB - Virtual size: 69KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 156KB - Virtual size: 155KB

.krdata Size: 76KB - Virtual size: 76KB

.text
Size: 72KB - Virtual size: 69KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 156KB - Virtual size: 155KB

.krdata
Size: 76KB - Virtual size: 76KB