309eaeef7297d4c1a6dc38a017898715_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

309eaeef7297d4c1a6dc38a017898715_JaffaCakes118
Size

1.6MB
MD5

309eaeef7297d4c1a6dc38a017898715
SHA1

740f999bc28373234a593283db3a288ab3940bf6
SHA256

fad00854b061ae30477e3871cbe1b58dea4712091fbeec1b2a9aa7cb3e30f3b6
SHA512

ef02e5027b23b19134aa6b30f12b8c19e8ae9da862d809b4a7fe417c2420f08b2bddbce41427eb100e42645d172eb60acd45e8df74e3eef05eb805538005d289
SSDEEP

49152:xbgZxwqtcYlQTiUn0qj5I+Ixr+rIvRcjMSc:xkZxqTiW0qFI+wirI0MSc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/巅峰阁批量卡iphone 2.1/巅峰阁批量卡iphone2.1.exe

Files

309eaeef7297d4c1a6dc38a017898715_JaffaCakes118
.rar
巅峰阁批量卡iphone 2.1/使用说明.txt
巅峰阁批量卡iphone 2.1/巅峰阁批量卡iphone2.1.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 716KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bcvagzuc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

crwcjqex
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
巅峰阁批量卡iphone 2.1/绿软基地.url
.url