b1f75f48ceec5c9601a4a333e0523258_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b1f75f48ceec5c9601a4a333e0523258_JaffaCakes118
Size

163KB
MD5

b1f75f48ceec5c9601a4a333e0523258
SHA1

ffa4fc81319629abc267b5a7ffd4de2e4049faab
SHA256

c379577ff8943d9409925784ca9d4529c2d5905fc8872603d1ea988de2521df3
SHA512

66b52df5221cb423ba0bddbbf037ec5311985ae121e9dcd568f6dbaecd2cd4ac30c32f7a74bf1425ab6db5dea1eae9c11512f8a219f16c53541d87c948115494
SSDEEP

3072:7IzgPfNRigaUk+FqKAG43oczKCLgKlY6ObfEnP7NEY5++mR:7IEXbe3/3KCE45ObsnP7Wrf

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/血盟论坛刷帖机/SkinH_VB6.dll
unpack001/血盟论坛刷帖机/工程1.exe

Files

b1f75f48ceec5c9601a4a333e0523258_JaffaCakes118
.7z
血盟论坛刷帖机/QQ2008.she
血盟论坛刷帖机/SkinH_VB6.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

SkinH_AdjustAero
SkinH_AdjustHSV
SkinH_Attach
SkinH_AttachEx
SkinH_AttachExt
SkinH_AttachRes
SkinH_AttachResEx
SkinH_Detach
SkinH_DetachEx
SkinH_GetColor
SkinH_LockUpdate
SkinH_Map
SkinH_NineBlt
SkinH_SetAero
SkinH_SetBackColor
SkinH_SetFont
SkinH_SetFontEx
SkinH_SetForeColor
SkinH_SetMenuAlpha
SkinH_SetTitleMenuBar
SkinH_SetWindowAlpha
SkinH_SetWindowMovable
SkinH_VerifySign

Sections

.Hmily
Size: - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.52PoJie
Size: 96KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
血盟论坛刷帖机/aero.she
血盟论坛刷帖机/skinh.she
血盟论坛刷帖机/工程1.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

.Hmily Size: - Virtual size: 228KB

.52PoJie Size: 96KB - Virtual size: 112KB

Headers

File Characteristics

Sections

.nsp0 Size: - Virtual size: 32KB

.nsp1 Size: 10KB - Virtual size: 12KB

.nsp2 Size: - Virtual size: 4KB

.Hmily
Size: - Virtual size: 228KB

.52PoJie
Size: 96KB - Virtual size: 112KB

.nsp0
Size: - Virtual size: 32KB

.nsp1
Size: 10KB - Virtual size: 12KB

.nsp2
Size: - Virtual size: 4KB