5ef09ca3d85130733e155199e865e137_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ef09ca3d85130733e155199e865e137_JaffaCakes118
Size

1.4MB
MD5

5ef09ca3d85130733e155199e865e137
SHA1

d18293b6891aa34d0d0669881baf78a3e83ed5e6
SHA256

09ee2d90afa9bc501fcc9c5446ddfba5e7507fd452a4527dbda078f0958d9749
SHA512

e34ee22b27314c4bbd6a7a727bec15fe3a2e37c86d57f1b45432ed2e93111b47a106402b02faca3d65bf35be76f76dffd01642916f94dec14004576f54f096d1
SSDEEP

24576:FHoMwCYyQx2G2SldvAiRTVko8aui5DGrz+P4hbjZxd1omiv657EgoKfZ6G3ZTtAY:NoMkb4RSX46BkfaunzYqjZxd2mU0gg1x

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/XMLFox_en/XMLFox Professional/Command-line/XMLFoxCmd.exe
unpack001/XMLFox_en/XMLFox Professional/XMLFoxAdvance.exe

Files

5ef09ca3d85130733e155199e865e137_JaffaCakes118
.rar
XMLFox_en/XMLFox Professional/AccessXML.dll
XMLFox_en/XMLFox Professional/Command-line/AccessXML.dll
XMLFox_en/XMLFox Professional/Command-line/SystemXML.dll
XMLFox_en/XMLFox Professional/Command-line/XMLFoxCmd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XMLFox_en/XMLFox Professional/OKHAN说明文件.txt
XMLFox_en/XMLFox Professional/ReadMe.txt
XMLFox_en/XMLFox Professional/SystemXML.dll
XMLFox_en/XMLFox Professional/XMLFox32.ico
XMLFox_en/XMLFox Professional/XMLFoxAdvance.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
XMLFox_en/XMLFox Professional/XMLFoxAdvanceHelp.chm
.chm
XMLFox_en/XMLFox Professional/傲看软件园┆绿色软件下载基地.URL
.url
XMLFox_en/XMLFox Professional/如程序无法运行请点击下载.NET.url
XMLFox_en/★记注傲看软件下载站★.reg
XMLFox_en/帮助.url
XMLFox_en/说明文件2.url

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 268KB - Virtual size: 265KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.sdata Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 12B

.text
Size: 268KB - Virtual size: 265KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 2.3MB - Virtual size: 2.3MB

.sdata
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 12B