40c49fc88ec0f4d7745468557b7f9f61c4a3684fbdfbdaa866bffd5b31ec87fe

Sharing

Copy URL

Twitter E-mail

General

Target

40c49fc88ec0f4d7745468557b7f9f61c4a3684fbdfbdaa866bffd5b31ec87fe
Size

308KB
MD5

7b0318c797962a562c437680d710dea1
SHA1

3db025aab7174cbaaa2f5813a4cd787a47add913
SHA256

40c49fc88ec0f4d7745468557b7f9f61c4a3684fbdfbdaa866bffd5b31ec87fe
SHA512

8dff09dd793f221c9c284d2dec3d08e2adea3d7a323af1070ea771ce96f2cbfe67f6bf9b46050bf6f5a8c861b30c4b1289a1df0524a6d207d36d71747205e1b8
SSDEEP

6144:jOdT1aoOOIT9WhWgVi9uX9GmYaZ9jg7yFWmjuXppGyMNNxyXn8OglGUgt8ovcW:jOdBanxJgY9C9EyFWmjiHGjNNSMlGIW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40c49fc88ec0f4d7745468557b7f9f61c4a3684fbdfbdaa866bffd5b31ec87fe

Files

40c49fc88ec0f4d7745468557b7f9f61c4a3684fbdfbdaa866bffd5b31ec87fe
.exe windows:5 windows x86 arch:x86

d3560dab5c2a3381249604eb9ad1bd97

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\re\jdk7u79\2331\build\windows-i586\tmp\jp2launcher\obj\jp2launcher.pdb

Imports

msvcr100

_exit
_XcptFilter
_ismbblead
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
_cexit
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
_invoke_watson
_controlfp_s
malloc
__getmainargs
_amsg_exit
?terminate@@YAXXZ
fopen
fgets
strtok
fclose
fseek
strstr
getenv
_vsnprintf_s
_ftime64_s
strftime
_snprintf_s
_localtime64
_wstat64i32
strcat_s
memcpy_s
_splitpath_s
strcpy_s
atoi
sprintf_s
??_V@YAXPAX@Z
_vsnprintf
_mbsnbicmp
_mbsrchr
free
_access
__iob_func
fprintf
fflush
memcpy
__argc
__argv
sscanf
exit
_putenv
__CxxFrameHandler3
sprintf
memmove
??0exception@std@@QAE@ABV01@@Z
_CxxThrowException
??2@YAPAXI@Z
printf
_stat64i32
_snprintf
??_U@YAPAXI@Z
_time64
??3@YAXPAX@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
??0exception@std@@QAE@ABQBD@Z
_mbsstr
_mbsnbcpy_s
_mbschr
strrchr
memset
calloc
_strdup
_mbsnbcmp
_mbsicmp
__set_app_type
_mbscmp

user32

wsprintfA

ole32

CoTaskMemFree
StringFromCLSID

oleaut32

VariantClear
SysAllocStringByteLen
SysStringLen
SysAllocString
SysFreeString

kernel32

RaiseException
lstrcpynA
WideCharToMultiByte
lstrcmpiA
GetSystemWindowsDirectoryA
GetFileAttributesA
GetCurrentThreadId
OutputDebugStringA
InterlockedDecrement
GetShortPathNameA
FormatMessageA
LocalAlloc
lstrlenA
CreateProcessA
CreateFileA
GetNativeSystemInfo
GetCurrentProcess
VerSetConditionMask
VerifyVersionInfoA
GlobalMemoryStatusEx
InterlockedIncrement
GetModuleHandleA
Process32First
GetCurrentProcessId
Process32Next
CreateEventA
SetEvent
OpenProcess
CreateToolhelp32Snapshot
Sleep
Module32First
GetLongPathNameA
CloseHandle
GetSystemDirectoryA
GetLastError
LocalFree
GetVersionExA
GetProcAddress
LoadLibraryA
FreeLibrary
WaitForSingleObject
GetEnvironmentVariableA
lstrcpyA
GetWindowsDirectoryA
FindFirstFileA
GetModuleFileNameA
FindClose
InterlockedCompareExchange
HeapSetInformation
GetStartupInfoW
EncodePointer
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DecodePointer
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
MultiByteToWideChar
InterlockedExchange

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 244KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3560dab5c2a3381249604eb9ad1bd97

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr100

user32

ole32

oleaut32

kernel32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 4KB - Virtual size: 11KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 244KB - Virtual size: 404KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 244KB - Virtual size: 404KB