6c1e91faa39b20c710a100115627f90d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c1e91faa39b20c710a100115627f90d_JaffaCakes118
Size

1.3MB
MD5

6c1e91faa39b20c710a100115627f90d
SHA1

ef16c1d38afbf995009a07ca7d2456fbd069098d
SHA256

3649e2ab42f5093ec437c989c1075df8b6328ca098a5391cb7ffbde97b067391
SHA512

57179fe646eebc6d103fb0fdcbc945f620e0e8c89c91f938843990a2335bb08ab2428ef9c7d4b72c52dedbc1839a7efb6bb54bb520d2511d33abd09da88f5c52
SSDEEP

24576:HgXthnOYXXFcqMyhoANqi5DDsQAEeejPHcbvT8p84sX9oAMUSBU:HgXrOWcqMRAYhQ7epb/4E9oA6BU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQ群发助手.exe

Files

6c1e91faa39b20c710a100115627f90d_JaffaCakes118
.rar
QQ群发助手.exe
.exe windows:4 windows x86 arch:x86

e429201494fe1adc7f673ddd979714d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSACleanup

kernel32

SetLastError

user32

IsIconic

gdi32

ExtTextOutA

winspool.drv

OpenPrinterA

advapi32

RegOpenKeyExA

shell32

ShellExecuteA

ole32

CLSIDFromProgID

oleaut32

VariantChangeType

comctl32

ImageList_GetImageCount

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 532KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 980KB - Virtual size: 980KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
实用软件.url
更多QQ活动.url
访问技术QQ网.url