b4fe53f7240bb29c7e9f99e4ccc8813c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4fe53f7240bb29c7e9f99e4ccc8813c_JaffaCakes118
Size

238KB
MD5

b4fe53f7240bb29c7e9f99e4ccc8813c
SHA1

5eb280d8cfb72a7fb40fe5575d43bae8727d80e0
SHA256

b5118925341394cfcd67da72ef840ec343c4841fab92155acc7deb34416fad62
SHA512

eedbd9b970e1f76901272f06d868f708eb73c9de1141bfb0d20bb89a6204b0011c38a3c6275f6faa96abb792b30a7198107f43af59b5c8a067f506fa183ddb7e
SSDEEP

6144:C5x2wLqnAFUxaRQPV5xyG/oDQ2s9yRi2CianqXI+:mxUnKqKQwspiQE9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/优酷KUX视频批量爆菊 by ilv.exe

Files

b4fe53f7240bb29c7e9f99e4ccc8813c_JaffaCakes118
.rar
优酷KUX视频批量爆菊 by ilv.exe
.exe windows:4 windows x86 arch:x86

9bbbee9ff4fa44655f7b9cf75bf5d1f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetDC

gdi32

PatBlt

winmm

waveOutOpen

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

RegisterTypeLi

comctl32

ord17

ws2_32

recv

comdlg32

ChooseColorA

Sections

.MPRESS1
Size: 220KB - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
使用说明.url
极速软件下载.url
.url