b0c6f1a681437594c55aff640a8fd0d4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b0c6f1a681437594c55aff640a8fd0d4_JaffaCakes118
Size

5.6MB
MD5

b0c6f1a681437594c55aff640a8fd0d4
SHA1

b312a963ddb5c9faf599847f6a3f2e8d8551adf3
SHA256

557df6b510dbc1274953e1b9448afbc88c9fdd49f36e1d1ace5af2657856a6f7
SHA512

6aa9d290ce25fd22e4fee90bbd445c3498f3d1494a366057826cf4be3c8c85acb65069043429ba56d60bed3042562c9ba822d1ca76fceaa5348468142e07c773
SSDEEP

98304:Uvn1nDAAkvxL08CRgUj2bU+r7EndVB5KY9EG1uaQzrUPLxTRE98MQxaum1pB4:Uv1nsJV08Aj2bUTndVBQGUaQz4PLx1Eg

Score

7^/10

aspackv2

Malware Config

Signatures

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/桌球/VirtualPoolMobile_PPC_v16x_17x_KeyGeN.exe	aspack_v212_v242

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/桌球/VirtualPoolMobile_PPC_v16x_17x_KeyGeN.exe

Files

b0c6f1a681437594c55aff640a8fd0d4_JaffaCakes118
.rar
桌球/VPMobileFullPPC.SA.cab
.cab
00000RES.009
00GARAGE.005
00MOVIES.002
0HAWGPEN.007
0PITSTOP.008
BEACHH~1.003
DEEPPO~1.004
HARDTI~1.006
VIRTUA~1.000
VPMOBILE.001
_setup.xml
桌球/VirtualPoolMobile_PPC_v16x_17x_KeyGeN.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@@Unidadrpn@Finalize
@@Unidadrpn@Finalize
@@Unidadrpn@Initialize
@@Unidadrpn@Initialize
__GetExceptDLLinfo
___CPPdebugHook
_frm

Sections

.text
Size: 176KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tgb
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
桌球/游戏简介.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 176KB - Virtual size: 420KB

.data Size: 6KB - Virtual size: 40KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 12KB - Virtual size: 48KB

.reloc Size: - Virtual size: 32KB

.tgb Size: 6KB - Virtual size: 8KB

.adata Size: - Virtual size: 4KB

.text
Size: 176KB - Virtual size: 420KB

.data
Size: 6KB - Virtual size: 40KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 12KB - Virtual size: 48KB

.reloc
Size: - Virtual size: 32KB

.tgb
Size: 6KB - Virtual size: 8KB

.adata
Size: - Virtual size: 4KB