bca0d66b8ec2964229a26f469f07ce00_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bca0d66b8ec2964229a26f469f07ce00_JaffaCakes118
Size

6.1MB
MD5

bca0d66b8ec2964229a26f469f07ce00
SHA1

0377590e4f660860491e693e0f78ad65bb186a42
SHA256

3dd86b69faa5aa8452d80488dfef915b8cfdd681ff5d499ed22ba872b8c4e8c5
SHA512

8b4e5fc5ac021a5d5b107d0cba389f7bc7c0eeb620def0829f75f2667d2c409768b11798404a0278465c0104c41f38934318ffd6b0a886778ba3679ba7eef03d
SSDEEP

196608:kMQOA88vs4EckRHbexsUA6vivC/3aKVljV6C2uZG:yOz8vsYO7eTvSC/3ljZ7G

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cvery.comjc56978963244/VB学习系.exe
unpack001/cvery.comjc56978963244/VB学习系统.exe

Files

bca0d66b8ec2964229a26f469f07ce00_JaffaCakes118
.rar
cvery.comjc56978963244/VB学习系.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 136KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cvery.comjc56978963244/VB学习系统.exe
.exe windows:4 windows x86 arch:x86

c7f5a0db9ba3f99999aee912af93576e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
DebugActiveProcess
ResumeThread
GetThreadContext
TerminateProcess
GetExitCodeProcess
CreateProcessA
GetModuleFileNameA
GetStartupInfoA
GetVersionExA
SuspendThread
Sleep
GetTempPathA
FindClose
FindNextFileA
FindFirstFileA
UnmapViewOfFile
FreeLibrary
CloseHandle
GetCurrentProcess
GetShortPathNameA
GetCurrentThread
GetProcAddress
SetThreadContext
ReadFile
ReleaseMutex
LoadLibraryA
MapViewOfFile
CreateFileMappingA
CreateMutexA
SetFilePointer
GetCurrentProcessId
SleepEx
CreateThread
WriteFile
GetTempFileNameA
CreateMailslotA
SetEnvironmentVariableA
GetCommandLineA
GetModuleHandleA
GetFileSize
SetThreadPriority
ContinueDebugEvent
SetPriorityClass
WaitForDebugEvent
ReadProcessMemory
GetLastError
VirtualProtectEx
WaitForSingleObject
CreateFileA
CompareStringW
GetEnvironmentVariableA
WriteProcessMemory
GetVersion
ExitProcess
FlushFileBuffers
LCMapStringW
CompareStringA
SetStdHandle
GetOEMCP
LCMapStringA
GetCPInfo
GetStringTypeW
GetACP
MultiByteToWideChar
GetStringTypeA
VirtualAlloc
VirtualFree
HeapReAlloc
HeapDestroy
GetFileType
HeapCreate
SetHandleCount
GetEnvironmentStringsW
GetStdHandle
WideCharToMultiByte
FreeEnvironmentStringsW
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetEnvironmentStrings
HeapFree
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

EnumWindows
DestroyWindow
SendMessageTimeoutA
GetWindowThreadProcessId
UpdateWindow
SystemParametersInfoA
CreateDialogParamA
DispatchMessageA
SetTimer
GetDlgItem
SendMessageA
TranslateMessage
LoadCursorA
BeginPaint
EndPaint
KillTimer
GetSystemMetrics
ShowWindow
RegisterClassA
PostQuitMessage
DefWindowProcA
GetMessageA
CreateWindowExA
MessageBoxA
SetWindowTextA

gdi32

CreateDIBitmap
RealizePalette
DeleteDC
CreateDCA
CreatePalette
SelectPalette
SelectObject
CreateCompatibleDC
BitBlt
DeleteObject

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
cvery.comjc56978963244/下载说明.htm
.html .js polyglot

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 136KB - Virtual size: 296KB

DATA Size: 2KB - Virtual size: 8KB

BSS Size: - Virtual size: 8KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 24KB

.rsrc Size: 8KB - Virtual size: 20KB

.adata Size: 5KB - Virtual size: 8KB

.udata Size: - Virtual size: 4KB

c7f5a0db9ba3f99999aee912af93576e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 56KB - Virtual size: 54KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 12KB - Virtual size: 8KB

CODE
Size: 136KB - Virtual size: 296KB

DATA
Size: 2KB - Virtual size: 8KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 24KB

.rsrc
Size: 8KB - Virtual size: 20KB

.adata
Size: 5KB - Virtual size: 8KB

.udata
Size: - Virtual size: 4KB

.text
Size: 56KB - Virtual size: 54KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 12KB - Virtual size: 8KB