43904841ec5608132a983bd467d74ebc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43904841ec5608132a983bd467d74ebc_JaffaCakes118
Size

363KB
MD5

43904841ec5608132a983bd467d74ebc
SHA1

1914f87568b433c03b25773c6efcbf6cd78de58b
SHA256

a32be8dd1f62fb55756334f326488e6a4d7c555a0a64f558d03098813f08627b
SHA512

a645dd0b5e147e1a6d68bbc3afe883cc1aabafd1042f79a0c72301da7bab14fd7f4bd5c2d2637acd1462882080ef7ffdfc5bedb3fe926c11c9f1b01dd4bd95a5
SSDEEP

6144:1ni6Q8tR+Jp0BhAUCbYacP8unCl3j4mq4u0+o2hxN05Bu8cSKyoHZOyBw:1nih8tR+Jp0TAk18unqUd4FGhQ5Bu8cK

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/QQ文件自动接收精灵/QQFile.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQ文件自动接收精灵/QQFile.exe

Files

43904841ec5608132a983bd467d74ebc_JaffaCakes118
.rar
QQ文件自动接收精灵/QQFile.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 271KB - Virtual size: 712KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 163KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
QQ文件自动接收精灵/使用前须知.txt
QQ文件自动接收精灵/新云软件.url
.url
QQ文件自动接收精灵/更新日志.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 271KB - Virtual size: 712KB

DATA Size: 3KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 52KB

.rsrc Size: 41KB - Virtual size: 436KB

.aspack Size: 163KB - Virtual size: 164KB

.adata Size: - Virtual size: 4KB

CODE
Size: 271KB - Virtual size: 712KB

DATA
Size: 3KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 52KB

.rsrc
Size: 41KB - Virtual size: 436KB

.aspack
Size: 163KB - Virtual size: 164KB

.adata
Size: - Virtual size: 4KB