08a6c990bb045a6c25c81e192cbb519e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

08a6c990bb045a6c25c81e192cbb519e_JaffaCakes118
Size

580KB
MD5

08a6c990bb045a6c25c81e192cbb519e
SHA1

eafc7abe8338c978a52c508bd41eaa1b3d421b09
SHA256

5f4b1be6416f2548e5a42382f449332f0cb35351286deea585522e7e714124e3
SHA512

38856b519050610c4c69df2a4dc1804b376fb9b726a7b27302d6429e0b783d5abf59e8afe7dda3861567701b5f98ad713641fadd6b3d00afaf1dae8108bf5a79
SSDEEP

12288:d9ShsOX8NTgFPaVPnSZDAL+pKLyEQmoP3Uh38FYu5S2BKxjVg:L3c8NTgFPUopKLNsEh38RtmBg

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack001/qqxc1.21/qqxc.dll	acprotect

UPX packed file 2 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/qqxc1.21/qqxc.dll	upx
static1/unpack001/qqxc1.21/风很凉QQ相册图片批量下载器v1.21.exe	upx

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/qqxc1.21/qqxc.dll
unpack002/out.upx
unpack001/qqxc1.21/风很凉QQ相册图片批量下载器v1.21.exe
unpack003/out.upx

Files

08a6c990bb045a6c25c81e192cbb519e_JaffaCakes118
.rar
qqxc1.21/qqxc.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

GetNewInf

Sections

UPX0
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
qqxc1.21/新云软件.url
.url
qqxc1.21/风很凉QQ相册图片批量下载器v1.21.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 724KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 500KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 804KB - Virtual size: 802KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

UPX0 Size: - Virtual size: 204KB

UPX1 Size: 79KB - Virtual size: 80KB

.rsrc Size: 3KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 20KB - Virtual size: 74KB

.rsrc Size: 20KB - Virtual size: 17KB

.reloc Size: 20KB - Virtual size: 17KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 724KB

UPX1 Size: 500KB - Virtual size: 500KB

.rsrc Size: 15KB - Virtual size: 16KB

Headers

File Characteristics

Sections

.text Size: 804KB - Virtual size: 802KB

.rdata Size: 132KB - Virtual size: 130KB

.data Size: 136KB - Virtual size: 134KB

.rsrc Size: 140KB - Virtual size: 139KB

UPX0
Size: - Virtual size: 204KB

UPX1
Size: 79KB - Virtual size: 80KB

.rsrc
Size: 3KB - Virtual size: 4KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 20KB - Virtual size: 74KB

.rsrc
Size: 20KB - Virtual size: 17KB

.reloc
Size: 20KB - Virtual size: 17KB

UPX0
Size: - Virtual size: 724KB

UPX1
Size: 500KB - Virtual size: 500KB

.rsrc
Size: 15KB - Virtual size: 16KB

.text
Size: 804KB - Virtual size: 802KB

.rdata
Size: 132KB - Virtual size: 130KB

.data
Size: 136KB - Virtual size: 134KB

.rsrc
Size: 140KB - Virtual size: 139KB