be060751c8bdea63c51ff0834171251e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

be060751c8bdea63c51ff0834171251e_JaffaCakes118
Size

1.3MB
MD5

be060751c8bdea63c51ff0834171251e
SHA1

b8f065087c09c171bb34307c74e8b8f38055845b
SHA256

492a757191fec547941c441b62ca1b91cae67c0ffea3765d0e89722cd7740719
SHA512

99b335cff6c98cfde0a59f286a16c6c6ce7ee56199edd1006024f56ae2bdb9d0c0369a23d73c1590c971488ceb1dfccc443272a153b1d004b17f3cf3e0b45c21
SSDEEP

24576:KoGXXZ68FGRl95uWsReiOvrRG5a4I1FKhUlnPIPflVrOAS:068F0l9XiOFkI1F3IXlHS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/奥奇传说LX辅助 v6.51/奥奇传说lx辅助 v6.51.exe

Files

be060751c8bdea63c51ff0834171251e_JaffaCakes118
.rar
奥奇传说LX辅助 v6.51/奥奇传说lx辅助 v6.51.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 564KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 944KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yjycypzc
Size: 776KB - Virtual size: 776KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

janmbumm
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
奥奇传说LX辅助 v6.51/更多软件下载.url
奥奇传说LX辅助 v6.51/飘荡软件.url
.url