0f76b97d7c02f8d45f66820b4b9ba1af_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f76b97d7c02f8d45f66820b4b9ba1af_JaffaCakes118
Size

170KB
MD5

0f76b97d7c02f8d45f66820b4b9ba1af
SHA1

d9828ebd008b57c0ed83f3d9996302209760b20c
SHA256

b8f6bc9d2f437867f919c1bec779c72be9d4467223fa257c12d8bbd3404d6c01
SHA512

4d0125b073695a7cbcbda6ddd80b3ebf4b4f9b64f103a3a1086cdd7d4773fd2f0cf9983de9058687f679e0c4783d1ef9b066c85d3379681452957ea14f5d0188
SSDEEP

3072:g6gfbk5Gc+iiAQA0TpV7266RtnHXa6A3jzv1t9WPFKTgkqwJWAwmPkoGIVJuZyr8:kfY5BPiAQ7TP726+n3a6A3jzvrgP2JL8

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GameHelper/GameHelper.exe
unpack001/GameHelper/游戏双开大师 1.1 注册机.exe

Files

0f76b97d7c02f8d45f66820b4b9ba1af_JaffaCakes118
.rar
GameHelper/GameHelper.CHM
.chm
GameHelper/GameHelper.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.snaker
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GameHelper/GameHelper.ini
GameHelper/新云软件.url
.url
GameHelper/游戏双开大师 1.1 注册机.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

code
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.text Size: 60KB - Virtual size: 60KB

.rdata Size: 20KB - Virtual size: 20KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 172KB - Virtual size: 172KB

.aspack Size: 172KB - Virtual size: 172KB

.adata Size: 4KB - Virtual size: 4KB

.snaker Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

Sections

code Size: - Virtual size: 40KB

text Size: 11KB - Virtual size: 12KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 60KB - Virtual size: 60KB

.rdata
Size: 20KB - Virtual size: 20KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 172KB - Virtual size: 172KB

.aspack
Size: 172KB - Virtual size: 172KB

.adata
Size: 4KB - Virtual size: 4KB

.snaker
Size: 4KB - Virtual size: 4KB

code
Size: - Virtual size: 40KB

text
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 6KB - Virtual size: 8KB