f9a2c123b22e0b9d6ab2fc1d3b54eb13_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9a2c123b22e0b9d6ab2fc1d3b54eb13_JaffaCakes118
Size

2.9MB
MD5

f9a2c123b22e0b9d6ab2fc1d3b54eb13
SHA1

799426f10eea9041f12e85ba438f79f1eb8bc869
SHA256

a998863bd1fcdce93589f3f0ab33073bfc1c9df6016ce01f1e6b3f0d2ece5f8d
SHA512

1cbc5cdf3be6f8d5d3d5b8b949ecc6cad8aa65e8499eb35e79a8f7d1a0835937e1c4bf254a081d9cfbf56418669713a3a2e7a0a9c781ea0d1de6162916003170
SSDEEP

49152:bViwdPHi6ZblY/xSzE+qDs2qq2mL+tHY3IonbcSQKZLx/w32B/ePyIjvZ3GKjpzD:jRHi6XRlqvLFIoh/1/ePDGK9ztSOhX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SanQiGongChengLueDiFuZhu/攻城掠地三奇V2.0.3.6/三奇攻城掠地辅助.exe

Files

f9a2c123b22e0b9d6ab2fc1d3b54eb13_JaffaCakes118
.rar
SanQiGongChengLueDiFuZhu/使用说明.txt
SanQiGongChengLueDiFuZhu/攻城掠地三奇V2.0.3.6/URLS.json
SanQiGongChengLueDiFuZhu/攻城掠地三奇V2.0.3.6/gameserverlist.txt
SanQiGongChengLueDiFuZhu/攻城掠地三奇V2.0.3.6/三奇攻城掠地辅助.exe
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 955KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 576KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jxfxmais
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nnloermt
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SanQiGongChengLueDiFuZhu/攻城掠地三奇V2.0.3.6/软件无法登录说明.txt
SanQiGongChengLueDiFuZhu/游迅网.url
.url

Sharing

General

Malware Config

Signatures

Files

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 955KB - Virtual size: 2.3MB

.rsrc Size: 576KB - Virtual size: 608KB

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 3.0MB

jxfxmais Size: 1.6MB - Virtual size: 1.6MB

nnloermt Size: 512B - Virtual size: 4KB

.rsrc
Size: 576KB - Virtual size: 608KB

.idata
Size: 512B - Virtual size: 4KB

jxfxmais
Size: 1.6MB - Virtual size: 1.6MB

nnloermt
Size: 512B - Virtual size: 4KB