0d467dc2a6fc1fd089922ec538e6b33c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d467dc2a6fc1fd089922ec538e6b33c_JaffaCakes118
Size

128KB
MD5

0d467dc2a6fc1fd089922ec538e6b33c
SHA1

e0db73886e79bc13fa97dd2d01f0e519fb2def81
SHA256

e2e9715cd5252c9cfcd9858de52228ba2970591a0c70d5f4cccee4b4c70105e1
SHA512

7fcbfbf3fa5937814e42fe1c784fe8acf43ca826d7a33d81b1e7f1fe40886f509f673e1b376ea35871c7c4fc4becf02b5805971efbc50eeac5f1ba431bcd7024
SSDEEP

3072:/7LRdEwH93wfYSsQt3exC01IMjm/0tfYcXBEpPc9mMj7FM:/7V6ogfYSsg3uC01xsyYcwk7FM

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQBaby/QQ速登宝宝.exe
unpack001/QQBaby/升级宝宝.exe

Files

0d467dc2a6fc1fd089922ec538e6b33c_JaffaCakes118
.rar
QQBaby/QQBaby.rk
QQBaby/QQ速登宝宝.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\QQ速登宝宝\QQ速登宝宝\obj\x86\Debug\QQ速登宝宝.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QQBaby/使用说明.txt
QQBaby/升级宝宝.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\QQ速登宝宝\升级助手\升级助手\obj\x86\Debug\升级宝宝.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 184KB - Virtual size: 183KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 12KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 12B

.text
Size: 184KB - Virtual size: 183KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 12B