689cb441fbea86165a0175a61e783d17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

689cb441fbea86165a0175a61e783d17_JaffaCakes118
Size

10.6MB
MD5

689cb441fbea86165a0175a61e783d17
SHA1

f46ba28c229228fa1d4932db200d95fa8e47ad64
SHA256

a098fc35496b19114c15985dc198709ef312c7e3d6f92d14617684d325109db6
SHA512

0415713a8e758a63f0d8bad65af45b7afb7b67ba544dc30936f768abf44f096f21a0fb2111c3ccd835c2229549085dad9b3485d56843599492871418f18760ab
SSDEEP

196608:SxqbAKcPq6KHZNIvXh2Yhm1u/saQACP126r7uU0xE2Pjz5mifVFhRTbykafXUStu:SxQcy6OIp7hm1u/saQA96u1vQitFytfM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/人物分析机.exe

Files

689cb441fbea86165a0175a61e783d17_JaffaCakes118
.rar
rs.ini
ry.ini
sound/1.mid
sound/10.mid
sound/2.mid
sound/3.mid
sound/4.mid
sound/5.mid
sound/6.mid
sound/7.mid
sound/8.mid
sound/9.mid
sound/apple.wav
sound/gameover.wav
sound/newgame.wav
sound/win.wav
sound/下载说明.htm
.html .js polyglot
下载说明.htm
.html .js polyglot
人物分析机.exe
.exe windows:4 windows x86 arch:x86

9aa88c474698cda77222bda02ffd2dda

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord582
ord690
MethCallEngine
ord621
ord660
ord593
ord594
ord595
ord598
ord632
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
ord607
ord608
ord717
ProcCallEngine
ord535
ord645
ord648
ord571
ord681
ord685
ord100
ord689
ord610
ord612
ord616
ord617
ord619
ord546
ord581

Sections

.text
Size: 22.1MB - Virtual size: 22.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
注册帮助.htm
.html