aa480cf85aa129ac3ec6558d9bc6af33_JaffaCakes118 | Triage

Sharing

General

Target

aa480cf85aa129ac3ec6558d9bc6af33_JaffaCakes118
Size

1.2MB
MD5

aa480cf85aa129ac3ec6558d9bc6af33
SHA1

7c4ce81900cf2d0c06b7903c9d8de2b008b897f0
SHA256

148338121831ccd89f3ad231e5bf1acb3ace731b9ffa1a794952277546be13de
SHA512

7ad11f73a819db9e8da47760c4062437e2271bce34697dc7d56ec4865a82e29b8b5b095e5732612d1f430512cfbabf85fe548f5e722e7be80bc49209ca874ada
SSDEEP

24576:WGWecxVan8LA7C4wG7uojXHgu2brAT89XcjR1zl8snMIhoX42w:exVan80wGxj72IT8A8sdO42w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/帮豆助手 3.1.exe

Files

aa480cf85aa129ac3ec6558d9bc6af33_JaffaCakes118
.rar
实用软件.url
帮豆助手 3.1.exe
.exe windows:5 windows x86 arch:x86

c8222ab84652f1f2fb4a54eeec3ad39e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32 kernel32

GetSysColor �

Sections

.text
Size: 684KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 688KB - Virtual size: 688KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
更多QQ活动.url
访问技术QQ网.url