bfc996a51380b265b920371361834b6d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

bfc996a51380b265b920371361834b6d_JaffaCakes118
Size

1.2MB
MD5

bfc996a51380b265b920371361834b6d
SHA1

9d5029317a7dc2008aad067aed1a38db4a330e4d
SHA256

f60f7a0595adeacc01980687c485004d9d4a5dbd8c7e15253a5144fce3743437
SHA512

d4969ac0f6dd67232e136d5d14c332806f709ddeb54d21065ee1ee9eef54a69f568f19f6f2a4e350d0fb24f9aa609277ac3ed944a3c6b71b23bb538d73203d99
SSDEEP

24576:U2XbsVhWbltOaw2m2ggQ4HiC2ovSl0Pk8g2F28Psi/8b3stg2wmjMAH:1shwQF2mVgjhvqqPB2ni/wswiH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ssQQkjxcplxzq/苏苏QQ空间相册批量下载器.exe

Files

bfc996a51380b265b920371361834b6d_JaffaCakes118
.rar
ssQQkjxcplxzq/苏苏QQ空间相册批量下载器.exe
.exe windows:5 windows x86 arch:x86

944e6755ccd9ffc90854541f5ab0d373

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut

ws2_32

WSAAsyncSelect

kernel32

GetTimeZoneInformation

user32

PeekMessageA

gdi32

Escape

winspool.drv

ClosePrinter

advapi32

RegOpenKeyExA

shell32

Shell_NotifyIconA

ole32

StgCreateDocfileOnILockBytes

oleaut32

VariantChangeType

comctl32

ImageList_GetImageCount

oledlg

ord8

comdlg32

ChooseColorA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

Sections

.text
Size: 520KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ssQQkjxcplxzq/飘荡软件.url
.url

Sharing

General

Malware Config

Signatures

Files

944e6755ccd9ffc90854541f5ab0d373

Headers

File Characteristics

Imports

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

ole32

oleaut32

comctl32

oledlg

comdlg32

msvcrt

iphlpapi

psapi

Sections

.text Size: 520KB - Virtual size: 1.2MB

.text Size: 1.2MB - Virtual size: 1.2MB

.idata Size: 4KB - Virtual size: 4KB

.rsrc Size: 36KB - Virtual size: 36KB

.text Size: 4KB - Virtual size: 4KB

.text
Size: 520KB - Virtual size: 1.2MB

.text
Size: 1.2MB - Virtual size: 1.2MB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 36KB - Virtual size: 36KB

.text
Size: 4KB - Virtual size: 4KB