27139e7848a72a7f4fa40334849ae438_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

27139e7848a72a7f4fa40334849ae438_JaffaCakes118
Size

2.4MB
MD5

27139e7848a72a7f4fa40334849ae438
SHA1

ee1f82962b07432a051825c83ca1240d71d2987c
SHA256

3e0b695df0df6caa06d32ed02f4f9d4582a55f31b9f4d77879bf15bb1ffecd75
SHA512

f9b1dd98291bdd9f9c98c1e949489be5d873727b8a89ae4cbc01ada605e0dc49fa70403c4393e61295da688dfa8836ef21acfefb27f361173ac5a26f688adaa0
SSDEEP

49152:Eki3zvGRtPWtNgrriHHIn8e5hBSyOTFOIZqt1fxPycxqQpJpmoDDQMKHZ:EzuPyN58H5ht8hkfxPZx7pbTDDQMK5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/115VIP帐号获取器V1.21.exe

Files

27139e7848a72a7f4fa40334849ae438_JaffaCakes118
.rar
115VIP帐号获取器V1.21.exe
.exe windows:4 windows x86 arch:x86

ee0ca276df38e490c5b1b9664085632b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EmptyClipboard
CharUpperA

gdi32

GetClipBox
ExtSelectClipRgn

kernel32

GetCPInfo
VirtualAlloc

ole32

StringFromGUID2

gdiplus

GdipCreateFromHDC

imm32

ImmGetContext

shell32

ShellExecuteA
Shell_NotifyIconA

winspool.drv

DocumentPropertiesA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegCloseKey

comctl32

ord17
ord17

shlwapi

PathFileExistsA

winmm

PlaySoundA
waveOutPause

ws2_32

ioctlsocket

rasapi32

RasGetConnectStatusA

oleaut32

SafeArrayGetUBound

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

GetFileTitleA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 1.6MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
使用必读.url
使用说明.txt
最新版免费下载-百度搜【闪电软件园】.url
软件官网--闪电软件园.url
.url

Sharing

General

Malware Config

Signatures

Files

ee0ca276df38e490c5b1b9664085632b

Headers

File Characteristics

Imports

user32

gdi32

kernel32

ole32

gdiplus

imm32

shell32

winspool.drv

advapi32

comctl32

shlwapi

winmm

ws2_32

rasapi32

oleaut32

oledlg

wininet

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: 1.6MB - Virtual size: 4.1MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 24KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1.6MB - Virtual size: 4.1MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 24KB

.sedata
Size: 4KB - Virtual size: 4KB