6d6201d01308d9e37ed8dca79905a984_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6d6201d01308d9e37ed8dca79905a984_JaffaCakes118
Size

14KB
MD5

6d6201d01308d9e37ed8dca79905a984
SHA1

e0aa975e2a53d6be8d159f0b15246a65439379e9
SHA256

b311bc97398e40dfd1e898daa3ef354617fe51fe1290968a75ef4aa88a0065a2
SHA512

e90b2273698889a58559888a634f2e792aa23df2a014f1697dadde27ac2c3892f869ffca1ac743f86d244697944fcda879929cdc5dfdeed22de2d8f2aac999a2
SSDEEP

384:zveudELHye6eAzkrtfk1TSTXNXVk+yJfTjU7B/v:SWE+e6eAzLTOXTnyJLjW1v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/天正建筑7.5注册机.exe

Files

6d6201d01308d9e37ed8dca79905a984_JaffaCakes118
.rar
tarch7.reg
天正建筑7.5注册机.exe
.exe windows:4 windows x86 arch:x86

c49ff412c079328a3fcdbcd6d95dd26a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowLongA
SetDlgItemTextA
SetCursor
SendMessageA
LoadIconA
LoadCursorA
SetWindowLongA
GetSysColor
GetDlgItemTextA
GetDlgItem
GetDlgCtrlID
EndDialog
DialogBoxParamA
wsprintfA
CallWindowProcA

kernel32

GetModuleHandleA
ExitProcess

comctl32

ord17

gdi32

SelectObject
SetBkColor
GetObjectA
CreateFontIndirectA
SetTextColor
GetStockObject
DeleteObject

shell32

ShellExecuteA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ