0bb37fc614a31eacd5cd415158dcbc68_JaffaCakes118 | Triage

Sharing

General

Target

0bb37fc614a31eacd5cd415158dcbc68_JaffaCakes118
Size

379KB
MD5

0bb37fc614a31eacd5cd415158dcbc68
SHA1

30550a1991a7fd6b71832e5b9718c6cb1b7fe9f2
SHA256

a1bad862e9fe39b51ed65f2131bad335f16f3228a7d053e96bb37f5feb4c25f1
SHA512

c370a14afccd3675f8421ba6d7a8ca2ff45cdc9b50832ea2b21714d087ebbca7e7b9652ba423a4fa3ba1be818b14f11d565b2063f1d2f7af451ddaf0e1eb060f
SSDEEP

6144:9c8A6Zyet6w1nxQUUSRlChX8dTosK2Fzfzpnwv0Yeq24PcT709xJsilD/s1cqf96:SpLww4R4ucUm0Yo4P2705FD/Py9Yjf6M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Trainer.exe

Files

0bb37fc614a31eacd5cd415158dcbc68_JaffaCakes118
.rar
HoG.nfo
Trainer.exe
.exe windows:4 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

Size: - Virtual size: 888KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 439KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
newyx.txt
使用说明.txt
牛游戏网.url