f0c379d9d1d3975d94f84a5dcc8ba894_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0c379d9d1d3975d94f84a5dcc8ba894_JaffaCakes118
Size

6.9MB
MD5

f0c379d9d1d3975d94f84a5dcc8ba894
SHA1

15384ee0d817c2c3503f316c1e66a575cfff4214
SHA256

04d168eecc9551dc7e13f7a7b810d4831208965e40174b06e94cefa7b61944ff
SHA512

8dca6aa7b2335fbac9c76512ee7e05f1099f7c6b3467eff0a5928e8b64893e2a052aed610abba159e9427899c0a4a1b67d14c9c97b36fbac2a6b6cc71e85c13c
SSDEEP

196608:e3aKkbzRR93r0OvNyeba2Xp60pua5+Lee8iWGV3TGdK:eKKkbVR970OvNye22Zj9e1eGV3Tf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Crack/Gurobi40.dll

Files

f0c379d9d1d3975d94f84a5dcc8ba894_JaffaCakes118
.rar
155绿色软件站.url
.url
Crack/Gurobi40.dll
.dll windows:5 windows x86 arch:x86

891f1dc6b62f589d981c9454e409be5e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

wsock32

inet_ntoa

advapi32

DeregisterEventSource

Exports

Exports

GRBaddconstr
GRBaddconstrs
GRBaddqpterms
GRBaddrangeconstr
GRBaddrangeconstrs
GRBaddsos
GRBaddvar
GRBaddvars
GRBcbcut
GRBcbget
GRBcbsolution
GRBcheckmodel
GRBchgcoeffs
GRBcomputeIIS
GRBconverttofixed
GRBcopymodel
GRBdelconstrs
GRBdelq
GRBdelsos
GRBdelvars
GRBfeasibility
GRBfixedmodel
GRBfreeenv
GRBfreemodel
GRBgetattrinfo
GRBgetcallbackfunc
GRBgetcbwhatinfo
GRBgetcharattrarray
GRBgetcharattrelement
GRBgetcharattrlist
GRBgetcoeff
GRBgetconstrs
GRBgetdblattr
GRBgetdblattrarray
GRBgetdblattrelement
GRBgetdblattrlist
GRBgetdblparam
GRBgetdblparaminfo
GRBgetenv
GRBgeterrormsg
GRBgethostname
GRBgetintattr
GRBgetintattrarray
GRBgetintattrelement
GRBgetintattrlist
GRBgetintparam
GRBgetintparaminfo
GRBgetlogfile
GRBgetmerrormsg
GRBgetnumparams
GRBgetparamname
GRBgetparamtype
GRBgetq
GRBgetsockets
GRBgetsos
GRBgetstrattr
GRBgetstrattrarray
GRBgetstrattrelement
GRBgetstrattrlist
GRBgetstrparam
GRBgetstrparaminfo
GRBgetusername
GRBgetvars
GRBiismodel
GRBislp
GRBlinearizemodel
GRBloadenv
GRBloadmodel
GRBmsg
GRBnewmodel
GRBoptimize
GRBplatform
GRBpresolvemodel
GRBread
GRBreadmodel
GRBreadparams
GRBrelaxmodel
GRBreleaselicense
GRBresetmodel
GRBresetparams
GRBsetcallbackfunc
GRBsetcharattrarray
GRBsetcharattrelement
GRBsetcharattrlist
GRBsetdblattr
GRBsetdblattrarray
GRBsetdblattrelement
GRBsetdblattrlist
GRBsetdblparam
GRBsetintattr
GRBsetintattrarray
GRBsetintattrelement
GRBsetintattrlist
GRBsetintparam
GRBsetlogfile
GRBsetsignal
GRBsetstrattr
GRBsetstrattrarray
GRBsetstrattrelement
GRBsetstrattrlist
GRBsetstrparam
GRBstrongbranch
GRBsvnrevision
GRBterminate
GRBupdatemodel
GRBversion
GRBwrite
GRBwriteparams
_GRBaddconstr@32
_GRBaddconstrs@36
_GRBaddqpterms@20
_GRBaddrangeconstr@36
_GRBaddrangeconstrs@36
_GRBaddsos@28
_GRBaddvar@48
_GRBaddvars@44
_GRBcbcut@28
_GRBcbget@16
_GRBcbsolution@8
_GRBcheckmodel@4
_GRBchgcoeffs@20
_GRBcomputeIIS@4
_GRBconverttofixed@4
_GRBcopymodel@4
_GRBdelconstrs@12
_GRBdelq@4
_GRBdelsos@12
_GRBdelvars@12
_GRBfeasibility@4
_GRBfixedmodel@4
_GRBfreeenv@4
_GRBfreemodel@4
_GRBgetattrinfo@20
_GRBgetcallbackfunc@8
_GRBgetcbwhatinfo@16
_GRBgetcharattrarray@20
_GRBgetcharattrelement@16
_GRBgetcharattrlist@20
_GRBgetcoeff@16
_GRBgetconstrs@28
_GRBgetdblattr@12
_GRBgetdblattrarray@20
_GRBgetdblattrelement@16
_GRBgetdblattrlist@20
_GRBgetdblparam@12
_GRBgetdblparaminfo@24
_GRBgetenv@4
_GRBgeterrormsg@4
_GRBgethostname@4
_GRBgetintattr@12
_GRBgetintattrarray@20
_GRBgetintattrelement@16
_GRBgetintattrlist@20
_GRBgetintparam@12
_GRBgetintparaminfo@24
_GRBgetlogfile@8
_GRBgetmerrormsg@4
_GRBgetnumparams@4
_GRBgetparamname@12
_GRBgetparamtype@8
_GRBgetq@20
_GRBgetsockets@0
_GRBgetsos@32
_GRBgetstrattr@12
_GRBgetstrattrarray@20
_GRBgetstrattrelement@16
_GRBgetstrattrlist@20
_GRBgetstrparam@12
_GRBgetstrparaminfo@16
_GRBgetusername@4
_GRBgetvars@28
_GRBiismodel@4
_GRBislp@20
_GRBlinearizemodel@4
_GRBloadenv@8
_GRBloadmodel@80
_GRBmsg@8
_GRBnewmodel@36
_GRBoptimize@4
_GRBplatform@0
_GRBpresolvemodel@4
_GRBread@8
_GRBreadmodel@12
_GRBreadparams@8
_GRBrelaxmodel@4
_GRBreleaselicense@4
_GRBresetmodel@4
_GRBresetparams@4
_GRBsetcallbackfunc@12
_GRBsetcharattrarray@20
_GRBsetcharattrelement@16
_GRBsetcharattrlist@20
_GRBsetdblattr@16
_GRBsetdblattrarray@20
_GRBsetdblattrelement@20
_GRBsetdblattrlist@20
_GRBsetdblparam@16
_GRBsetintattr@12
_GRBsetintattrarray@20
_GRBsetintattrelement@16
_GRBsetintattrlist@20
_GRBsetintparam@12
_GRBsetlogfile@8
_GRBsetsignal@4
_GRBsetstrattr@12
_GRBsetstrattrarray@20
_GRBsetstrattrelement@16
_GRBsetstrattrlist@20
_GRBsetstrparam@12
_GRBstrongbranch@24
_GRBsvnrevision@0
_GRBterminate@4
_GRBupdatemodel@4
_GRBversion@12
_GRBwrite@8
_GRBwriteparams@8

Sections

.text
Size: 975KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Gurobi-4.0.1-win32.msi
.msi

Sharing

General

Malware Config

Signatures

Files

891f1dc6b62f589d981c9454e409be5e

Headers

File Characteristics

Imports

kernel32

wsock32

advapi32

Exports

Exports

Sections

.text Size: 975KB - Virtual size: 4.4MB

.rsrc Size: 10KB - Virtual size: 12KB

.reloc Size: 512B - Virtual size: 512B

.text
Size: 975KB - Virtual size: 4.4MB

.rsrc
Size: 10KB - Virtual size: 12KB

.reloc
Size: 512B - Virtual size: 512B