27c6772f7483d30c15f972569940b839_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

27c6772f7483d30c15f972569940b839_JaffaCakes118
Size

1.7MB
MD5

27c6772f7483d30c15f972569940b839
SHA1

9aee9ea0834d6b22f4bf2605eb541f93f3106b70
SHA256

8a94837a022ee03498dd5ba97d5f9eddc61f03f9054be148e13c75d29ede6b7c
SHA512

f44a628952f2abdf870d96adf7b170fece34ca8cc8beceb50ea1b81e4f9c262e514ea919a466419e8a10961bb7095367c3d6ef16e5dd20830ef641a7bf5c8a87
SSDEEP

49152:WbCK0M7Qgmbp8o1beIvoonYoziQUY7j3pO:WbCK0M7UvKjIY5Y70

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/uuddosmf/幽幽免费版.exe

Files

27c6772f7483d30c15f972569940b839_JaffaCakes118
.rar
uuddosmf/QQWry.Dat
uuddosmf/幽幽免费版.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 656KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 668KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

olbeuhqe
Size: 584KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

njkbqhjo
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
uuddosmf/绿色先锋首页_greenxf.com.url
.url
uuddosmf/软件使用说明greenxf.com.txt
uuddosmf/软件更新.url.url
.url