2da86bd4f4b5fa18a795966127a401d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2da86bd4f4b5fa18a795966127a401d6_JaffaCakes118
Size

3.1MB
MD5

2da86bd4f4b5fa18a795966127a401d6
SHA1

596b6c12908af8de338700d0bfff37fb4d1a7dd6
SHA256

38d29c56337b346651d1a46c12dd5963e7bf11b5adb02d344961c76102bf9ebf
SHA512

1e923c12733b31d3dcc531e71377051d33b07d053ce67d0b3e0f968a40477e861d723a3a7ba4f5dadae106d4520ded3bc352239a88589dda919e0715c45117ff
SSDEEP

49152:n1FHl8lVl+0JYHlX4j7AGBEMtO+tpUPUykVrVDSgl8I5eBa3q3AR7JM:nl8lVl+jHGwRMtOupUkjDSgeI5YaYAvM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/YS_QMZZ/Qmzz.exe

Files

2da86bd4f4b5fa18a795966127a401d6_JaffaCakes118
.rar
YS_QMZZ/BG.DAT
YS_QMZZ/BH.IDX
YS_QMZZ/BJX.DAT
YS_QMZZ/HZ.DAT
YS_QMZZ/PY.IDX
YS_QMZZ/QMZZ.CNT
YS_QMZZ/QMZZ.HLP
YS_QMZZ/QMzz.GID
YS_QMZZ/Qmzz.exe
.exe windows:4 windows x86 arch:x86

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

Sections

CODE
Size: 449KB - Virtual size: 976KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
YS_QMZZ/TEXT.DAT
YS_QMZZ/WG.DAT
YS_QMZZ/YYL.DAT
YS_QMZZ/guaCFG.DAT
YS_QMZZ/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

5a498eee87e4d89512a84502f500181f

Headers

File Characteristics

Imports

kernel32

Sections

CODE Size: 449KB - Virtual size: 976KB

DATA Size: 5KB - Virtual size: 12KB

BSS Size: - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 72KB

.rsrc Size: 41KB - Virtual size: 208KB

.data Size: 2KB - Virtual size: 4KB

CODE
Size: 449KB - Virtual size: 976KB

DATA
Size: 5KB - Virtual size: 12KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 72KB

.rsrc
Size: 41KB - Virtual size: 208KB

.data
Size: 2KB - Virtual size: 4KB