7ad11592191ac99070a0b408cec8f526_JaffaCakes118

Sharing

Target

7ad11592191ac99070a0b408cec8f526_JaffaCakes118
Size

1.0MB
MD5

7ad11592191ac99070a0b408cec8f526
SHA1

ab812a4ad0ce665757f9d216f1eba663d1234481
SHA256

da4d12809fe2c534fdec161818aef0d8bdce5be96e828d846d9bf72ede31fc03
SHA512

6a7f23dedae5446fffb632969ae6fd4f60e15803e33bef50fea24c389556ab2c705593076699d4db25ae98883f8b1cae697c6d3521fb7be1d3fdd49a119be688
SSDEEP

24576:wn/89xAOmwT8nRKWOb5C7+Z8GmyQcmb0/iiDjZsSeIJCOsWw9Zm:wnuxJmwT8nRzOb5/Z7VQlbipsSXwOsWv

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/家园挂机(11月15日)/家园挂机.exe

7ad11592191ac99070a0b408cec8f526_JaffaCakes118
.rar
家园挂机(11月15日)/使用★说明.txt
家园挂机(11月15日)/家园挂机.exe
.exe windows:4 windows x86 arch:x86

4165f3d45cf8d3776c36bb5dafd049b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
LCMapStringA
HeapAlloc

user32

SetWindowLongA
CloseWindow
CreateWindowExA
CharLowerBuffA

advapi32

RegEnumValueA
RegCloseKey
RegSetValueA
RegEnumKeyA

ole32

CoMarshalInterface
CoGetClassObject
CoCreateInstanceEx

Sections

.text
Size: 644KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 212KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
家园挂机(11月15日)/小林子游戏网.url
家园挂机(11月15日)/小林子论坛.url