43be72ce5c5e70246a704f0c14402b64_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43be72ce5c5e70246a704f0c14402b64_JaffaCakes118
Size

2.3MB
MD5

43be72ce5c5e70246a704f0c14402b64
SHA1

23e31a02890d4e5d31ae947d0efbcdf660d59c18
SHA256

78b94623113497f90e909bfa796cca828815fbd57d7b8d85149dc7f465a9510e
SHA512

82b1e6cd35371cc96dc0a5c0c3374d92b82a0c5fdc738e00363a22e35b81a9f80530ee008614cfc5e28e038f26fffcf9959a14fb426ee7fdc9cd4c9739016ef3
SSDEEP

49152:Kx9i+sGx5yWgbsq54URf5f4h9AXBVuH54WZHLaZOGHQdd:E5yWcsq54UF5f44RVuH5NHTGo

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/彩虹岛小草4 10 22/ChdXC.exe
unpack001/彩虹岛小草4 10 22/HookXC.dll

Files

43be72ce5c5e70246a704f0c14402b64_JaffaCakes118
.rar
彩虹岛小草4 10 22/ChdXC.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 612KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mehgmfyr
Size: 592KB - Virtual size: 592KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lfeiwjkm
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
彩虹岛小草4 10 22/ChdXC.txt
彩虹岛小草4 10 22/HookXC.dll
.dll windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

DLLCALL
Dydll

Sections

Size: 500KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tfotxfdm
Size: 572KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kcmlhbyp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
彩虹岛小草4 10 22/Script/new 太空农场1全图回控制1/太空农场 1.txt
彩虹岛小草4 10 22/Script/new 太空农场1全图回控制1/控制室 1.txt
彩虹岛小草4 10 22/Script/new 宇宙空间站5中下图循环回控制1/宇宙空间站5.txt
彩虹岛小草4 10 22/Script/new 宇宙空间站5中下图循环回控制1/控制室 1.txt
彩虹岛小草4 10 22/Script/new 痛苦海岸2全图回封印塔/封印之塔入口.txt
彩虹岛小草4 10 22/Script/new 痛苦海岸2全图回封印塔/痛苦海岸 2.txt
彩虹岛小草4 10 22/Script/new 痛苦海岸2全图回封印塔/痛苦海岸 3.txt
彩虹岛小草4 10 22/Script/其他脚本/110fuben .txt
彩虹岛小草4 10 22/Script/其他脚本/人鱼中间 .txt
彩虹岛小草4 10 22/Script/其他脚本/人鱼全图.txt
彩虹岛小草4 10 22/Script/其他脚本/农场1 上.txt
彩虹岛小草4 10 22/Script/其他脚本/太空塔上.txt
彩虹岛小草4 10 22/Script/其他脚本/宇宙空间站5.txt
彩虹岛小草4 10 22/Script/其他脚本/宝库洞穴2.txt
彩虹岛小草4 10 22/Script/其他脚本/富饶的矿场(静音).txt
彩虹岛小草4 10 22/Script/其他脚本/富饶的矿场.txt
彩虹岛小草4 10 22/Script/其他脚本/富饶矿场挖矿.txt
彩虹岛小草4 10 22/Script/其他脚本/怪物大厦 130F.txt
彩虹岛小草4 10 22/Script/其他脚本/控制室 3.txt
彩虹岛小草4 10 22/Script/其他脚本/机甲山脉(出口) 2.txt
彩虹岛小草4 10 22/Script/其他脚本/深渊的遗址 7.txt
彩虹岛小草4 10 22/Script/其他脚本/深渊的遗址 8.txt
彩虹岛小草4 10 22/Script/其他脚本/焰室.txt
彩虹岛小草4 10 22/Script/其他脚本/猫头鹰之城 5.txt
彩虹岛小草4 10 22/Script/其他脚本/猫头鹰之城 6.txt
彩虹岛小草4 10 22/Script/其他脚本/猫头鹰之城 8.txt
彩虹岛小草4 10 22/Script/其他脚本/神童大厦制造.txt
彩虹岛小草4 10 22/Script/其他脚本/空间研究所 3.txt
彩虹岛小草4 10 22/Script/其他脚本/竞速-加速.txt
彩虹岛小草4 10 22/Script/其他脚本/竟速.txt
彩虹岛小草4 10 22/Script/其他脚本/章鱼8.txt
彩虹岛小草4 10 22/Script/其他脚本/章鱼BOSS.txt
彩虹岛小草4 10 22/Script/其他脚本/章鱼神殿.txt
彩虹岛小草4 10 22/Script/其他脚本/艾尔平原北部 4.txt
彩虹岛小草4 10 22/Script/其他脚本/迷3左.txt
彩虹岛小草4 10 22/Script/其他脚本/迷之樱树湖3.txt
彩虹岛小草4 10 22/Script/其他脚本/迷之樱树湖4.txt
彩虹岛小草4 10 22/Script/其他脚本/高级斗兽脚本.txt
彩虹岛小草4 10 22/Script/副职任务大全集/01暴乱的克博特见习骑士.txt
彩虹岛小草4 10 22/Script/副职任务大全集/02暴乱的克博特近卫队.txt
彩虹岛小草4 10 22/Script/副职任务大全集/03暴乱的克博特见习枪手.txt
彩虹岛小草4 10 22/Script/副职任务大全集/04暴乱的克博特火枪手.txt
彩虹岛小草4 10 22/Script/副职任务大全集/05堕落的帝国波比.txt
彩虹岛小草4 10 22/Script/副职任务大全集/06堕落的帝国精锐兵.txt
彩虹岛小草4 10 22/Script/副职任务大全集/07堕落的帝国精锐兵长.txt
彩虹岛小草4 10 22/Script/副职任务大全集/08小绵羊.txt
彩虹岛小草4 10 22/Script/副职任务大全集/09小黑羊.txt
彩虹岛小草4 10 22/Script/副职任务大全集/10奥比精灵.txt
彩虹岛小草4 10 22/Script/副职任务大全集/11豆豆兵士.txt
彩虹岛小草4 10 22/Script/副职任务大全集/12豆豆骑士.txt
彩虹岛小草4 10 22/Script/副职任务大全集/13豆豆弓箭手.txt
彩虹岛小草4 10 22/Script/副职任务大全集/14飞蛋战士.txt
彩虹岛小草4 10 22/Script/副职任务大全集/15飞蛋法师.txt
彩虹岛小草4 10 22/Script/副职任务大全集/16飞蛋火枪手.txt
彩虹岛小草4 10 22/Script/副职任务大全集/17克博特见习骑士.txt
彩虹岛小草4 10 22/Script/副职任务大全集/18克博特近卫队.txt
彩虹岛小草4 10 22/Script/副职任务大全集/19克博特火枪手.txt
彩虹岛小草4 10 22/Script/副职任务大全集/20帝国波比.txt
彩虹岛小草4 10 22/Script/副职任务大全集/21帝国精锐兵.txt
彩虹岛小草4 10 22/Script/副职任务大全集/22帝国精锐兵长.txt
彩虹岛小草4 10 22/Script/副职任务大全集/23堕落的帝国游击骑士..txt
彩虹岛小草4 10 22/Script/北1234/艾尔北部上全 1.txt
彩虹岛小草4 10 22/Script/北1234/艾尔平原北部 2.txt
彩虹岛小草4 10 22/Script/北1234/艾尔平原北部 3.txt
彩虹岛小草4 10 22/Script/北1234/艾尔平原北部 4.txt
彩虹岛小草4 10 22/Script/大厦/休息厅.txt
彩虹岛小草4 10 22/Script/大厦/大厦.txt
彩虹岛小草4 10 22/Script/大厦/奖励厅 1号房.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 121F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 122F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 123F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 124F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 125F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 126F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 127F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 128F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 129F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦 130F.txt
彩虹岛小草4 10 22/Script/大厦/怪物大厦大厅.txt
彩虹岛小草4 10 22/Script/收费地图/★ 宝库洞穴2.txt
彩虹岛小草4 10 22/Script/斗兽场/斗兽场中级级。.txt
彩虹岛小草4 10 22/Script/斗兽场/斗兽场低级.txt
彩虹岛小草4 10 22/Script/斗兽场/斗兽场入口.txt
彩虹岛小草4 10 22/Script/斗兽场/斗兽场高级。.txt
彩虹岛小草4 10 22/Script/狮身人副本/封印的女王室.txt
彩虹岛小草4 10 22/Script/狮身人副本/狮身人面像房间.txt
彩虹岛小草4 10 22/Script/狮身人副本/金字塔悬室 1.txt
彩虹岛小草4 10 22/Script/狮身人副本/金字塔悬室 2.txt
彩虹岛小草4 10 22/Script/狮身人副本/金字塔悬室 3.txt
彩虹岛小草4 10 22/Script/狮身人副本/金字塔悬室 4.txt
彩虹岛小草4 10 22/Script/稀有脚本/(催山)-山岳地带2.txt
彩虹岛小草4 10 22/Script/稀有脚本/(可怕)-阴森住宅6.txt
彩虹岛小草4 10 22/Script/稀有脚本/(可爱)-山岳地带3.txt
彩虹岛小草4 10 22/Script/稀有脚本/(巫女)克杜卡的心脏.txt
彩虹岛小草4 10 22/Script/稀有脚本/(忍者飞刀)黑月城监狱.txt
彩虹岛小草4 10 22/Script/稀有脚本/(樱花)-樱花湖7.txt
彩虹岛小草4 10 22/Script/稀有脚本/(武器)-深渊8.txt
彩虹岛小草4 10 22/Script/稀有脚本/(爱弓)-沙漠地带8.txt
彩虹岛小草4 10 22/Script/稀有脚本/(狼矛)-古丛林内部.txt
彩虹岛小草4 10 22/Script/稀有脚本/(绿龙)-克杜卡遗址3正式.txt
彩虹岛小草4 10 22/Script/稀有脚本/(芭比)-丛林地带5.txt
彩虹岛小草4 10 22/Script/稀有脚本/(花杖)-黑暗丛林6.txt
彩虹岛小草4 10 22/Script/稀有脚本/(虎戒)-啊尔卡帝亚5.txt
彩虹岛小草4 10 22/Script/稀有脚本/(蝙蝠)-地下洞穴.txt
彩虹岛小草4 10 22/Script/稀有脚本/(雪女)-尖叫雪地1、2层.txt
彩虹岛小草4 10 22/Script/稀有脚本/(雪弓)-尖叫雪地.txt
彩虹岛小草4 10 22/Script/稀有脚本/(骑士)-春植通道5.txt
彩虹岛小草4 10 22/Script/稀有脚本/(黄甲)-普鲁顿神殿2层.txt
彩虹岛小草4 10 22/Script/稀有脚本/(黄甲)-普鲁顿神殿4层.txt
彩虹岛小草4 10 22/Script/稀有脚本/(龙猫)-啊尔卡帝亚2.txt
彩虹岛小草4 10 22/Script/稀有脚本/巨大手枪.txt
彩虹岛小草4 10 22/Script/空间站/太空农场 1.txt
彩虹岛小草4 10 22/Script/空间站/太空农场 2.txt
彩虹岛小草4 10 22/Script/空间站/太空农场 3.txt
彩虹岛小草4 10 22/Script/空间站/宇宙空间站1.txt
彩虹岛小草4 10 22/Script/空间站/宇宙空间站5.txt
彩虹岛小草4 10 22/Script/空间站/比弗罗斯特.txt
彩虹岛小草4 10 22/Script/空间站/空间研究所 1.txt
彩虹岛小草4 10 22/Script/空间站/空间研究所 2.txt
彩虹岛小草4 10 22/Script/空间站/空间研究所 3.txt
彩虹岛小草4 10 22/Script/空间站/空间研究所 4.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/摧山.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/深渊5.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/深渊6.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/深渊7.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/深渊8.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/爱弓.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/狼矛枪.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/虎戒&桃盾.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/雪女.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/黄甲.txt
彩虹岛小草4 10 22/Script/脚本 by 御用闲猪/龙猫小弟.txt
彩虹岛小草4 10 22/Script/自动北4去北3，在北3挂机脚本/艾尔平原北部 3.txt
彩虹岛小草4 10 22/Script/自动北4去北3，在北3挂机脚本/艾尔平原北部 4.txt
彩虹岛小草4 10 22/Script/艾尔平原北部 4.txt
彩虹岛小草4 10 22/Script/蛇龙副本/普鲁顿神殿4层.txt
彩虹岛小草4 10 22/Script/蛇龙副本/蛇龙之巢 1.txt
彩虹岛小草4 10 22/Script/蛇龙副本/蛇龙之巢 2.txt
彩虹岛小草4 10 22/Script/蛇龙副本/蛇龙之巢 3.txt
彩虹岛小草4 10 22/Script/蛇龙副本/蛇龙之巢 4.txt
彩虹岛小草4 10 22/Script/蛇龙副本/蛇龙之巢 5.txt
彩虹岛小草4 10 22/Script/蛇龙副本/蛇龙之巢深处.txt
彩虹岛小草4 10 22/Script/钢铁城市/机械工作室 1.txt
彩虹岛小草4 10 22/Script/钢铁城市/机械工作室 2.txt
彩虹岛小草4 10 22/Script/钢铁城市/机械工作室 3(全图).txt
彩虹岛小草4 10 22/Script/钢铁城市/机械工作室 3.txt
彩虹岛小草4 10 22/Script/钢铁城市/机械工作室 4.txt
彩虹岛小草4 10 22/Script/钢铁城市/机甲山脉(入口) 1.txt
彩虹岛小草4 10 22/Script/钢铁城市/机甲山脉(出口) 1.txt
彩虹岛小草4 10 22/Script/钢铁城市/机甲山脉(出口) 2.txt
彩虹岛小草4 10 22/Script/钢铁城市/机甲山脉(出口) 3.txt
彩虹岛小草4 10 22/Script/钢铁城市/机甲山脉(出口) 4.txt
彩虹岛小草4 10 22/Script/钢铁城市/机甲山脉(出口) 5.txt
彩虹岛小草4 10 22/Server.ini
彩虹岛小草4 10 22/更多软件下载.url
彩虹岛小草4 10 22/飘荡软件.url
.url

Sharing

General

Malware Config

Signatures

Files

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

Imports

kernel32

comctl32

Sections

Size: 612KB - Virtual size: 1.6MB

.rsrc Size: 16KB - Virtual size: 27KB

.idata Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 784KB

mehgmfyr Size: 592KB - Virtual size: 592KB

lfeiwjkm Size: 4KB - Virtual size: 4KB

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

Imports

kernel32

comctl32

Exports

Exports

Sections

Size: 500KB - Virtual size: 1.5MB

.rsrc Size: 12KB - Virtual size: 21KB

.idata Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 988KB

tfotxfdm Size: 572KB - Virtual size: 572KB

kcmlhbyp Size: 4KB - Virtual size: 4KB

.rsrc
Size: 16KB - Virtual size: 27KB

.idata
Size: 4KB - Virtual size: 4KB

mehgmfyr
Size: 592KB - Virtual size: 592KB

lfeiwjkm
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 21KB

.idata
Size: 4KB - Virtual size: 4KB

tfotxfdm
Size: 572KB - Virtual size: 572KB

kcmlhbyp
Size: 4KB - Virtual size: 4KB