5e6fcb3976313ecfddb4bb8c212a61ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e6fcb3976313ecfddb4bb8c212a61ae_JaffaCakes118
Size

462KB
MD5

5e6fcb3976313ecfddb4bb8c212a61ae
SHA1

3401e31302e3c6be0ba50014331a4780395767c5
SHA256

91f3d8bae097619433124c57dbfbca3d07d1b6b5a48cd2f15391edff3573362b
SHA512

9f9ab29ad742d481e3bfea2ece0e330639e9f6532e19984bd5a47fd441632be527f28c530a531e32e2c9a79dc1bf273b4471cfb621d610b169922470073b6828
SSDEEP

12288:FYGi7iZkvvQscpB+796izcushGdFJn8HHk/94IVbF:fiHQscpBfizc1GdFJn8ofVR

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/风很凉本机QQ好友查看器_1_0_绿色版_Jisuxz.com/gxyav.dll
unpack001/风很凉本机QQ好友查看器_1_0_绿色版_Jisuxz.com/mvqc.dll
unpack001/风很凉本机QQ好友查看器_1_0_绿色版_Jisuxz.com/风很凉本机QQ好友查看器v1.0.exe

Files

5e6fcb3976313ecfddb4bb8c212a61ae_JaffaCakes118
.rar
使用说明.html
使用说明.url
极速软件下载.url
风很凉本机QQ好友查看器_1_0_绿色版_Jisuxz.com/gxyav.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

GetNewInf
GetNewSock

Sections

.nsp0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 371KB - Virtual size: 372KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
风很凉本机QQ好友查看器_1_0_绿色版_Jisuxz.com/mvqc.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

GetNewInf

Sections

.nsp0
Size: - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
风很凉本机QQ好友查看器_1_0_绿色版_Jisuxz.com/风很凉本机QQ好友查看器v1.0.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 656KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.nsp0 Size: - Virtual size: 1.1MB

.nsp1 Size: 371KB - Virtual size: 372KB

.nsp2 Size: - Virtual size: 6KB

Headers

File Characteristics

Exports

Exports

Sections

.nsp0 Size: - Virtual size: 268KB

.nsp1 Size: 75KB - Virtual size: 76KB

.nsp2 Size: - Virtual size: 5KB

Headers

File Characteristics

Sections

.nsp0 Size: - Virtual size: 656KB

.nsp1 Size: 24KB - Virtual size: 28KB

.nsp2 Size: - Virtual size: 1KB

.nsp0
Size: - Virtual size: 1.1MB

.nsp1
Size: 371KB - Virtual size: 372KB

.nsp2
Size: - Virtual size: 6KB

.nsp0
Size: - Virtual size: 268KB

.nsp1
Size: 75KB - Virtual size: 76KB

.nsp2
Size: - Virtual size: 5KB

.nsp0
Size: - Virtual size: 656KB

.nsp1
Size: 24KB - Virtual size: 28KB

.nsp2
Size: - Virtual size: 1KB