220d4bb5dba5ae2aeedb0493c8149c6a_JaffaCakes118 | Triage

Sharing

General

Target

220d4bb5dba5ae2aeedb0493c8149c6a_JaffaCakes118
Size

2.2MB
MD5

220d4bb5dba5ae2aeedb0493c8149c6a
SHA1

6347fa6767f556f4448608f516be307b6618b56d
SHA256

1d1d0b448b4792b6984d780731dd2b3a9e1194c70c0464e2a845e6169bfd8055
SHA512

8212e8415f1cbdbe0ffc35a82819901d4f067b68ab37951ce53a72160e6bface173609022a096cbef927334f5113623f342159fe9a4324ab642a7f1d7871a6fa
SSDEEP

49152:7U/G4EDCba21Xl3Fs85MR2RuqrO3n0sihJDZZ0rZa5:7UiudPvMR2kqi3nE39Z0r6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/傲世九重天阿布辅助v2.8/傲世九重天阿布辅助.exe

Files

220d4bb5dba5ae2aeedb0493c8149c6a_JaffaCakes118
.rar
使用说明.url
傲世九重天阿布辅助v2.8/as.jpg
.jpg
傲世九重天阿布辅助v2.8/傲世九重天阿布辅助.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 612KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1012KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bosqprqw
Size: 848KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yleaddbq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
傲世九重天阿布辅助v2.8/报毒如何处理.txt
傲世九重天阿布辅助v2.8/辅助使用说明.txt
极速软件下载.url
.url