97e552ab2c49e9332bef04df5f44e9d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97e552ab2c49e9332bef04df5f44e9d1_JaffaCakes118
Size

38KB
MD5

97e552ab2c49e9332bef04df5f44e9d1
SHA1

f683dfa0ef1d83ad7dbcc1b0fff6f4e75ee87cb9
SHA256

c1b9a807fab7e7a30cd8884ca6dd5df910036fec8253c345958adcae80391ac1
SHA512

2c5f5bb057126efb8023786a0cd9e9cab9bcf031bf37ca8a4ea56b6f08aeb831f794464f48e66fd496a365017f2c32e46f6be056789b7e7f2f84b7a29e0efac6
SSDEEP

768:RI78q3QOG7E3UZHnl7M24Q8zKLoJKVwVHIKTrqvjM3p3PB6LN+aPRVUTPYiTlJ5N:RI78qgT7EENl7M2fiKLo4wVf4jKch+6e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/深度全能QQ快速申请器 V3.4.4.exe

Files

97e552ab2c49e9332bef04df5f44e9d1_JaffaCakes118
.rar
更多QQ活动.url
更多软件.url
更新说明.txt
深度全能QQ快速申请器 V3.4.4.exe
.exe windows:4 windows x86 arch:x86

ab46444d923b1e27418941030865cf18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
MethCallEngine
ord593
ord594
ord595
ord598
ord632
EVENT_SINK_AddRef
ord528
ord529
ord561
DllFunctionCall
EVENT_SINK_Release
ord600
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord607
ord608
ord716
ord717
ProcCallEngine
ord535
ord537
ord573
ord685
ord100
ord610
ord612
ord616
ord617
ord619
ord581

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
访问QQ业务乐园.url
.url