b09f3fa57cfd0a3107b97d8c3a2359a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b09f3fa57cfd0a3107b97d8c3a2359a8_JaffaCakes118
Size

445KB
MD5

b09f3fa57cfd0a3107b97d8c3a2359a8
SHA1

d8e3500b1763e9326a2d79bcde3686000e03acbc
SHA256

82511f9c265b03f1f1d6a396228219e58ed00e7623cf9e7de4d30b74c1c60424
SHA512

b0fcb307bfb24d5ce2d2fa60a33ecc13dcb5c7307e5c461f9880d356222d359f0c652a721e3fe9c43831a36358be43e89ecf574a0a6acde802a45e389d02a750
SSDEEP

12288:MfREqEnGL/UCX1tPihmnzDXi+xL+7j26Xc8f5YcXbXX6:Mfins/UCXzPihmnzDSOL+f/jfTLXX6

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/黑石五子棋软件 v4.0/Wrenju.exe
unpack001/黑石五子棋软件 v4.0/注册机.exe

Files

b09f3fa57cfd0a3107b97d8c3a2359a8_JaffaCakes118
.rar
黑石五子棋软件 v4.0/Bl&wh.dat
黑石五子棋软件 v4.0/Opening.lib
黑石五子棋软件 v4.0/Renju.hlp
黑石五子棋软件 v4.0/Wrenju.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 250KB - Virtual size: 517KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 430KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Win32
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
黑石五子棋软件 v4.0/下载说明.txt
黑石五子棋软件 v4.0/华彩联盟论坛.url
.url
黑石五子棋软件 v4.0/华彩软件站-使用必读.url
.url
黑石五子棋软件 v4.0/安装说明.txt
黑石五子棋软件 v4.0/注册机.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

code
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
黑石五子棋软件 v4.0/黑石4.0.jpg
.jpg
黑石五子棋软件 v4.0/黑石使用技巧.doc
.doc windows office2003

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 250KB - Virtual size: 517KB

DATA Size: 3KB - Virtual size: 5KB

BSS Size: - Virtual size: 430KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 512B - Virtual size: 40KB

.rsrc Size: 84KB - Virtual size: 84KB

.Win32 Size: 21KB - Virtual size: 21KB

Headers

File Characteristics

Sections

code Size: - Virtual size: 40KB

text Size: 11KB - Virtual size: 12KB

.rsrc Size: 6KB - Virtual size: 8KB

CODE
Size: 250KB - Virtual size: 517KB

DATA
Size: 3KB - Virtual size: 5KB

BSS
Size: - Virtual size: 430KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 512B - Virtual size: 40KB

.rsrc
Size: 84KB - Virtual size: 84KB

.Win32
Size: 21KB - Virtual size: 21KB

code
Size: - Virtual size: 40KB

text
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 6KB - Virtual size: 8KB