0ea73a5b77747dc7bdd3faea71108c84_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ea73a5b77747dc7bdd3faea71108c84_JaffaCakes118
Size

2.1MB
MD5

0ea73a5b77747dc7bdd3faea71108c84
SHA1

e0264c66180bad2bc706024a8344b125de57e8c1
SHA256

ad20cb4650dcea589f77a6bc3366daf2b7422a98bd55c499461c058b559324d5
SHA512

152cc35cadfe9182f2aedd2931a252eb17cee465cd391c32679054c6a81a827c6851920867d36767b20ec869d5000dcc98ea35fcb4cffbe0f720017b3eba8129
SSDEEP

49152:z22i+64owPsqjnVBPjQYg0UrE7dFvWTa7:rUAhjnVp5bAE7HL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cfwmdkckh/CF完美多开窗口化-C版.exe

Files

0ea73a5b77747dc7bdd3faea71108c84_JaffaCakes118
.rar
cfwmdkckh/CF完美多开窗口化-C版.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.3MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1004KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

udonaqsz
Size: 816KB - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wvslonlx
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cfwmdkckh/更多软件下载.url
cfwmdkckh/飘荡软件.url
.url