74c72f6f40e997b80a69e0b70d110a6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74c72f6f40e997b80a69e0b70d110a6f_JaffaCakes118
Size

663KB
MD5

74c72f6f40e997b80a69e0b70d110a6f
SHA1

e369effcf15fbb223a4ddd66e7c4b928bf5babc8
SHA256

6b0bd26fe0b04e8bed31f6dc9356f3450dcd36eabab4f55ebd97f2ac5f111b46
SHA512

d4802c59afd682249a91517a0f1cfe93c9b5f2c07ad5e3fcb0fad41ba056c6c25893dc43d587762ee365e763c43c0c5862f34d5f02485d0f5586259424338d7c
SSDEEP

12288:zMUR3JpBE1rzT4FFS5erH3dUlx/RZqGlB++8nxT8384KA1stCNcd8E4z9lNQSg:zLR3JpBc/T4FnXylx/DqW6nxT8384Krp

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/TetrisRes.dll	aspack_v212_v242

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQTetrisAI.exe
unpack001/TetrisRes.dll

Files

74c72f6f40e997b80a69e0b70d110a6f_JaffaCakes118
.rar
QQ.ini
QQTetrisAI.exe
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

Petite
Size: 302KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Petite
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Petite
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Petite
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Petite
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Petite
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Petite
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Petite
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Petite
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Petite
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Set.dat
TetrisRes.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
config.gen
readme.txt
下载说明.htm
.html
使用说明.txt
飘down精品软件.url
.url

Sharing

General

Malware Config

Signatures

Files

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

Petite Size: 302KB - Virtual size: 636KB

Petite Size: 4KB - Virtual size: 12KB

Petite Size: 512B - Virtual size: 12KB

Petite Size: 1KB - Virtual size: 12KB

Petite Size: 4KB - Virtual size: 4KB

Petite Size: 512B - Virtual size: 4KB

Petite Size: 52KB - Virtual size: 52KB

.rsrc Size: 19KB - Virtual size: 64KB

Petite Size: 1024B - Virtual size: 12KB

Petite Size: 4KB - Virtual size: 12KB

Petite Size: 19KB - Virtual size: 18KB

Headers

File Characteristics

Sections

.text Size: 1024B - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 8KB

.idata Size: 512B - Virtual size: 4KB

.rsrc Size: 295KB - Virtual size: 2.7MB

.reloc Size: 512B - Virtual size: 4KB

.aspack Size: 5KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

Petite
Size: 302KB - Virtual size: 636KB

Petite
Size: 4KB - Virtual size: 12KB

Petite
Size: 512B - Virtual size: 12KB

Petite
Size: 1KB - Virtual size: 12KB

Petite
Size: 4KB - Virtual size: 4KB

Petite
Size: 512B - Virtual size: 4KB

Petite
Size: 52KB - Virtual size: 52KB

.rsrc
Size: 19KB - Virtual size: 64KB

Petite
Size: 1024B - Virtual size: 12KB

Petite
Size: 4KB - Virtual size: 12KB

Petite
Size: 19KB - Virtual size: 18KB

.text
Size: 1024B - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 8KB

.idata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 295KB - Virtual size: 2.7MB

.reloc
Size: 512B - Virtual size: 4KB

.aspack
Size: 5KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB