4d35184a6bfe51cdd48282e259b7ce78_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4d35184a6bfe51cdd48282e259b7ce78_JaffaCakes118
Size

2.4MB
MD5

4d35184a6bfe51cdd48282e259b7ce78
SHA1

15412c9ba26590c0df62a28476547dd3aa9de034
SHA256

cf56e7fa70ed6b79fff9840a5fb8b4441626fd5108bc1472a4103584293aa732
SHA512

6f7cba2670b969513f80172242c22aaa1fe058ab8cc88ae0e1fae4a95727cbd6dde79ee9459dc6cc711b0a976b888ef26be621d1ffb0dd08334d73422db99ce5
SSDEEP

49152:vuPPArjqG4PgUjEl3fDK6sxxwOHtRWja6xi26hqhsLUIvsm9Ft5cAjx:vuQvqGGgsElvDK6sk+RL26hqeLzUQFtD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/115VIP帐号获取器V1.21.exe

Files

4d35184a6bfe51cdd48282e259b7ce78_JaffaCakes118
.rar
115VIP帐号获取器V1.21.exe
.exe windows:4 windows x86 arch:x86

ee0ca276df38e490c5b1b9664085632b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EmptyClipboard
CharUpperA

gdi32

GetClipBox
ExtSelectClipRgn

kernel32

GetCPInfo
VirtualAlloc

ole32

StringFromGUID2

gdiplus

GdipCreateFromHDC

imm32

ImmGetContext

shell32

ShellExecuteA
Shell_NotifyIconA

winspool.drv

DocumentPropertiesA
DocumentPropertiesA

advapi32

RegCreateKeyExA
RegCloseKey

comctl32

ord17
ord17

shlwapi

PathFileExistsA

winmm

PlaySoundA
waveOutPause

ws2_32

ioctlsocket

rasapi32

RasGetConnectStatusA

oleaut32

SafeArrayGetUBound

oledlg

ord8

wininet

InternetCanonicalizeUrlA

comdlg32

GetFileTitleA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 1.6MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
河源下载站-Xz7.com.url
.url

Sharing

General

Malware Config

Signatures

Files

ee0ca276df38e490c5b1b9664085632b

Headers

File Characteristics

Imports

user32

gdi32

kernel32

ole32

gdiplus

imm32

shell32

winspool.drv

advapi32

comctl32

shlwapi

winmm

ws2_32

rasapi32

oleaut32

oledlg

wininet

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: 1.6MB - Virtual size: 4.1MB

.sedata Size: 1.1MB - Virtual size: 1.1MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 24KB - Virtual size: 24KB

.sedata Size: 4KB - Virtual size: 4KB

.text
Size: 1.6MB - Virtual size: 4.1MB

.sedata
Size: 1.1MB - Virtual size: 1.1MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 24KB - Virtual size: 24KB

.sedata
Size: 4KB - Virtual size: 4KB