409a4004b9d52e7de8ab26e26a78588b005c445bb93c9bc097192e94eb16d57aN

Sharing

Copy URL Twitter E-mail

General

Target

409a4004b9d52e7de8ab26e26a78588b005c445bb93c9bc097192e94eb16d57aN
Size

38KB
MD5

b47fe911f8db25269f033d17863e0c20
SHA1

ddf2e8a8a847e822a7aeb22f8d371737ba46609e
SHA256

409a4004b9d52e7de8ab26e26a78588b005c445bb93c9bc097192e94eb16d57a
SHA512

fbcfc8e8cffd2769bff2f381b83c5811e9237c2ad8aa2fdd09fd29d84ac12dbeb877fb1e06fa4844c3c101e33a270664fa0463bdf02ea0c79897e4870496cf86
SSDEEP

768:fYrWb20M5R2TyJ5R3s8D/bkt5Ruz3Vb3jR5:wOM5RdJ5R3sozkt5RA3jR5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
409a4004b9d52e7de8ab26e26a78588b005c445bb93c9bc097192e94eb16d57aN

Files

409a4004b9d52e7de8ab26e26a78588b005c445bb93c9bc097192e94eb16d57aN
.exe windows:6 windows x64 arch:x64

f0acd33d6cc790c4a15943c04a212fd4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

javaw.pdb

Imports

jli

JLI_MemAlloc
JLI_GetStdArgc
JLI_GetStdArgs
JLI_Launch
JLI_CmdToArgs
JLI_InitArgProcessing

kernel32

InitializeSListHead
UnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
RtlVirtualUnwind
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlCaptureContext
SetUnhandledExceptionFilter

vcruntime140

__C_specific_handler
memset

api-ms-win-crt-stdio-l1-1-0

__p__commode
__acrt_iob_func
__stdio_common_vfprintf
_set_fmode

api-ms-win-crt-runtime-l1-1-0

__p___argv
_seh_filter_exe
_set_app_type
_crt_atexit
__p___argc
terminate
_initialize_narrow_environment
_get_narrow_winmain_command_line
_initterm
_initterm_e
exit
_exit
_cexit
_register_onexit_function
_c_exit
_register_thread_local_exe_atexit_callback
_configure_narrow_argv
_initialize_onexit_table

api-ms-win-crt-environment-l1-1-0

getenv
__p__environ

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f0acd33d6cc790c4a15943c04a212fd4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

jli

kernel32

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 224B

.pdata Size: 512B - Virtual size: 324B

.rsrc Size: 28KB - Virtual size: 27KB

.reloc Size: 512B - Virtual size: 40B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 224B

.pdata
Size: 512B - Virtual size: 324B

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 512B - Virtual size: 40B