b022910a039b976284252c56d8c371f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b022910a039b976284252c56d8c371f6_JaffaCakes118
Size

1.9MB
MD5

b022910a039b976284252c56d8c371f6
SHA1

d1b559242fb34a869c236221e2006680acecc315
SHA256

6b5ede52f6c1db65f84c20f46ccf379cc08605d781c3d4b6ce443ce70a7c5139
SHA512

e3ffceff6d7eae3d26cb37dc227e47025a69290f9ac64110a093ac61a04141534cf3db61fad3dbc0dbdec80d191a82a9e2e3ff3e39ff3e5723045bf5e4eafea9
SSDEEP

49152:B+Zfhf8Z/F6OO6h2BSblf22yQ81qJ3xa1gM9BvJakOgC1rID:Bw0366IV2f3xjM7xChID

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dmbb/大明伴伴.exe

Files

b022910a039b976284252c56d8c371f6_JaffaCakes118
.rar
dmbb/155绿色软件站.url
.url
dmbb/大明伴伴.exe
.exe windows:4 windows x86 arch:x86

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetCommandLineA
GetFileTime
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
lstrcatA
lstrcmpiA
RemoveDirectoryA
SetFileTime
VirtualAlloc
VirtualFree
WriteFile

Sections

Size: 160KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qmorzjlm
Size: 880KB - Virtual size: 880KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uxqbgwxd
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 218KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 259KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 189KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pebundle
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dmbb/被检测说明.txt
dmbb/购买收费外挂.url

Sharing

General

Malware Config

Signatures

Files

9c8decf3582072f6edfc385a689f44f4

Headers

File Characteristics

Imports

kernel32

Sections

Size: 160KB - Virtual size: 1.7MB

.rsrc Size: 24KB - Virtual size: 70KB

.idata Size: 4KB - Virtual size: 4KB

Size: 4KB - Virtual size: 1.0MB

qmorzjlm Size: 880KB - Virtual size: 880KB

uxqbgwxd Size: 4KB - Virtual size: 4KB

pebundle Size: 218KB - Virtual size: 220KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 259KB - Virtual size: 260KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 189KB - Virtual size: 192KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 25KB - Virtual size: 28KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 60KB - Virtual size: 60KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 107KB - Virtual size: 108KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 57KB - Virtual size: 60KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 26KB - Virtual size: 28KB

pebundle Size: 8KB - Virtual size: 8KB

pebundle Size: 19KB - Virtual size: 20KB

pebundle Size: 8KB - Virtual size: 8KB

.rsrc
Size: 24KB - Virtual size: 70KB

.idata
Size: 4KB - Virtual size: 4KB

qmorzjlm
Size: 880KB - Virtual size: 880KB

uxqbgwxd
Size: 4KB - Virtual size: 4KB

pebundle
Size: 218KB - Virtual size: 220KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 259KB - Virtual size: 260KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 189KB - Virtual size: 192KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 25KB - Virtual size: 28KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 60KB - Virtual size: 60KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 107KB - Virtual size: 108KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 57KB - Virtual size: 60KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 26KB - Virtual size: 28KB

pebundle
Size: 8KB - Virtual size: 8KB

pebundle
Size: 19KB - Virtual size: 20KB

pebundle
Size: 8KB - Virtual size: 8KB