a5c921ab04273bb3c48c75c8f519f6ef_JaffaCakes118 | Triage

Sharing

General

Target

a5c921ab04273bb3c48c75c8f519f6ef_JaffaCakes118
Size

197KB
MD5

a5c921ab04273bb3c48c75c8f519f6ef
SHA1

e6f2da835a6faaa8eb1f266bc448f80053adf340
SHA256

e58c0d7db51c775ef6f03058a159e3249f3e57d129f694af6a311900b7e87d4d
SHA512

02ca679505a3d929258fd5b6f13f65013abb5ed9e8b91d83e74481bbcca1bf775812694837dbf3d837e7996e0a3db299f2108707c883f9c3b7598f5860605f26
SSDEEP

6144:fpHenA7IorJHnbEBOauJ23tCWiOOj04iU4ES:fUAso1bIOauJCQWiOP4iU4x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/saints.row.iv.[no.intro]-patch.exe

Files

a5c921ab04273bb3c48c75c8f519f6ef_JaffaCakes118
.rar
2013年全部热门单机游戏及汉化下载.url
.url
3DMGAME 中国第一单机游戏门户全球最大汉化游戏论坛.url
CuST0M.nfo
saints.row.iv.[no.intro]-patch.exe
.exe windows:5 windows x86 arch:x86

dc73a9bd8de0fd640549c85ac4089b87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
ExitProcess
FindResourceA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetTempPathA
LoadLibraryA
LoadResource
RtlMoveMemory
SizeofResource
VirtualAlloc
lstrcatA
CloseHandle
CreateFileA
FlushFileBuffers
WriteFile

Sections

.text
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
使用方法.txt