2704bc56aba8442c18ef94e41acc3917_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2704bc56aba8442c18ef94e41acc3917_JaffaCakes118
Size

4.5MB
MD5

2704bc56aba8442c18ef94e41acc3917
SHA1

6dbbb0e8b2b3c43a2e68f72a6714a9f5ab9e805f
SHA256

a5bbee88e41f933f1fe53a23bad899ff1e939e744ccc9c04e159018ecfe84397
SHA512

11ac940703257218b42ae1c8f3dcd26251418012be0dd72d4b461fd20e7b6698f6b2bbd60d67537c407cd0f2c0d36ff203dd56b858e8cb14496480682d30ce63
SSDEEP

98304:5lX1FiT5s2BnUdVr/wmGECSODoxkYcnDaHov7Yr+OjLCxeUSUCVCnAW:1gT55NUb0zSUoHW4CxeUsCnAW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/金盾2014提取工具/金盾2014提取工具.exe

Files

2704bc56aba8442c18ef94e41acc3917_JaffaCakes118
.zip
密视频播放不正常时打开我.txt
金盾2014提取工具/密视频播放不正常时打开我.txt
金盾2014提取工具/金盾2014提取工具.exe
.exe windows:5 windows x86 arch:x86

65c6d34721f6c1d421e4c791ec63bba2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockFile

user32

SetClipboardData

gdi32

DeleteObject

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

ReleaseStgMedium

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

wldap32

ord29

comdlg32

GetFileTitleA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 432KB - Virtual size: 896KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
金盾2014提取演示/密视频播放不正常时打开我.txt
金盾2014提取演示/金盾2014提取演示.wmv
金盾2014提取（非快速开启模式）/2014.htm
金盾2014提取（非快速开启模式）/2014.swf
金盾2014提取（非快速开启模式）/密视频播放不正常时打开我.txt

Sharing

General

Malware Config

Signatures

Files

65c6d34721f6c1d421e4c791ec63bba2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

ws2_32

wldap32

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: 432KB - Virtual size: 896KB

.vmp1 Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 72KB - Virtual size: 72KB

.vmp1 Size: 4KB - Virtual size: 4KB

.text
Size: 432KB - Virtual size: 896KB

.vmp1
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 72KB - Virtual size: 72KB

.vmp1
Size: 4KB - Virtual size: 4KB