32f9cac916a853237e3ee3c0b4924dbc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32f9cac916a853237e3ee3c0b4924dbc_JaffaCakes118
Size

1.2MB
MD5

32f9cac916a853237e3ee3c0b4924dbc
SHA1

1d987cdbb0ae473d91f9d29ce4caf21d6140f05a
SHA256

426f657710f3d98374e02863d32e7a37aec8715fa5a6052c8a9eeef277826c3f
SHA512

03073b2fbf845a0306dca0335388dcb5cf65c37e05da78ae6aa14486e5cdb676e871c355ab203cc63b46606914cd8cb2935140e358b98703fd4f5ed24e68e4f5
SSDEEP

24576:ydnE4TUNZSe9BPbywsr1MeTW0ScCwWuVeuTNPSdCD8L+nAYCE3:ydnE4+SSV1sr1MsWuV9TNPSd68L+nAs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/魔法0523.exe

Files

32f9cac916a853237e3ee3c0b4924dbc_JaffaCakes118
.rar
24小时自动换卡.url
.url
85游戏网.htm
.html
ipk.cn—海阔天空外挂下载.htm
.html
使用说明.txt
工作室交流群.txt
游戏设置.jpg
.jpg
购买收费外挂.htm
.html
魔法0523.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 388B - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 67KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE