3f8e8a800d8f3c9b9c2f78951ab55df5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3f8e8a800d8f3c9b9c2f78951ab55df5_JaffaCakes118
Size

7.8MB
MD5

3f8e8a800d8f3c9b9c2f78951ab55df5
SHA1

8493837f85c3e9c5044f54acd183ea843f0d687a
SHA256

904c825426fcb95b2974512c937032696ce96cd89fa713c7ac24227be53f15e4
SHA512

a697a00b76ef8e246455b53a56a3fd3fd7a4989657efcb91e1fe2f978ef51fe32fa4283cd242fca722c80f0ca8a6267c81cb7d86d492884a66fe87982e821d57
SSDEEP

196608:YFB7HqERReR+UIfRVGnmQeO1E2T9QHWqnw0pIh:sUEHe4UcGm9XWyppQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/注册安全工程师/我的考题.exe
unpack001/注册安全工程师/更新辅助.exe

Files

3f8e8a800d8f3c9b9c2f78951ab55df5_JaffaCakes118
.rar
注册安全工程师/fb.dll
注册安全工程师/gr.accdb
注册安全工程师/我的考题.exe
.exe windows:5 windows x86 arch:x86

4710e694cbc904bbde58b1960e1a3f6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
SetEnvironmentVariableW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetFileSizeEx
GetProcAddress
LoadLibraryW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xcpad
Size: - Virtual size: 1.6MB

.idata
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
注册安全工程师/无法使用看这里.txt
注册安全工程师/更新辅助.exe
.exe windows:5 windows x86 arch:x86

4710e694cbc904bbde58b1960e1a3f6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
SetEnvironmentVariableW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetFileSizeEx
GetProcAddress
LoadLibraryW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xcpad
Size: - Virtual size: 216KB

.idata
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4710e694cbc904bbde58b1960e1a3f6b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: - Virtual size: 1KB

.xcpad Size: - Virtual size: 1.6MB

.idata Size: 1024B - Virtual size: 692B

.reloc Size: 512B - Virtual size: 424B

.rsrc Size: 3KB - Virtual size: 3KB

4710e694cbc904bbde58b1960e1a3f6b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: - Virtual size: 1KB

.xcpad Size: - Virtual size: 216KB

.idata Size: 1024B - Virtual size: 692B

.reloc Size: 512B - Virtual size: 424B

.rsrc Size: 161KB - Virtual size: 160KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: - Virtual size: 1KB

.xcpad
Size: - Virtual size: 1.6MB

.idata
Size: 1024B - Virtual size: 692B

.reloc
Size: 512B - Virtual size: 424B

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: - Virtual size: 1KB

.xcpad
Size: - Virtual size: 216KB

.idata
Size: 1024B - Virtual size: 692B

.reloc
Size: 512B - Virtual size: 424B

.rsrc
Size: 161KB - Virtual size: 160KB