35f56c7e4e67578100217bccb074248d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35f56c7e4e67578100217bccb074248d_JaffaCakes118
Size

775KB
MD5

35f56c7e4e67578100217bccb074248d
SHA1

5a235d537992bd46bd1e0c85f1dabf769350c31d
SHA256

8e890e0eec8467153f427838c4a3f3f4eb2149e917e2e846564d356f227c59fe
SHA512

9c080ad63de0b09a4acaf2db61e1fc3f0e44157354f227618519bfc4c343511ac6a8a6f92c590a050c2e1bcc3983bd223b5c98bee3f7ebfefa57b0d3cfd9acf8
SSDEEP

12288:E0rjn8RhPyKWLZBi9q3brglYuOmQZBWv5MOIgO1QP4G9T2/16Ke1WtjwqDQy:RURhPMVBiMgYuOev6g4QPV2gK9FDQy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/soft/bluenumber.exe

Files

35f56c7e4e67578100217bccb074248d_JaffaCakes118
.rar
code/Project2.bpr
.xml
code/Project2.cpp
.js
code/Project2.obj
code/Project2.res
code/Unit2.cpp
code/Unit2.ddp
code/Unit2.dfm
code/Unit2.h
code/Unit2.obj
code/data.mdb
code/下载说明.htm
.html .js polyglot
pic/yzbm_code.gif
pic/下载说明.htm
.html .js polyglot
soft/bluenumber.exe
.exe windows:4 windows x86 arch:x86

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

Exports

Exports

@@Unit2@Finalize
@@Unit2@Initialize
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.PCGW32
Size: 404KB - Virtual size: 836KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PCGW32
Size: 9KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PCGW32
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PCGW32
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PCGW32
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PCGW32
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PCGW32
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
soft/data.mdb
soft/下载说明.htm
.html .js polyglot
拼音编码PAS代码/pinyin.pas
拼音编码PAS代码/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.PCGW32 Size: 404KB - Virtual size: 836KB

.PCGW32 Size: 9KB - Virtual size: 48KB

.PCGW32 Size: 512B - Virtual size: 4KB

.PCGW32 Size: 512B - Virtual size: 4KB

.PCGW32 Size: 3KB - Virtual size: 12KB

.PCGW32 Size: 512B - Virtual size: 4KB

.rsrc Size: 14KB - Virtual size: 48KB

.PCGW32 Size: 11KB - Virtual size: 12KB

.PCGW32
Size: 404KB - Virtual size: 836KB

.PCGW32
Size: 9KB - Virtual size: 48KB

.PCGW32
Size: 512B - Virtual size: 4KB

.PCGW32
Size: 512B - Virtual size: 4KB

.PCGW32
Size: 3KB - Virtual size: 12KB

.PCGW32
Size: 512B - Virtual size: 4KB

.rsrc
Size: 14KB - Virtual size: 48KB

.PCGW32
Size: 11KB - Virtual size: 12KB