eeced579269741bf656b17e9461a5f5f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

eeced579269741bf656b17e9461a5f5f_JaffaCakes118
Size

844KB
MD5

eeced579269741bf656b17e9461a5f5f
SHA1

2f510d654419247901d49ed9a6e40cd0c720bc4a
SHA256

9a7836bc5e4df087c4aca721ab5b80d23e4ba7aa1c25a9059abf99a990e80c50
SHA512

d4ceaf5b8c0ba2367b17ee7c44e27cddc7041f305611d7aa3250f0d8601ef43627091db080f3060b299855f95a3c3c8f05b2cae83938e2d3473b1068ec305001
SSDEEP

24576:9Rloe0FwRcvTN91w71k4wHZTvwT/H98aFmx8R:9TmFiM91w7pw5TvwT/f0x8R

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Giang Hồ TL.exe
unpack001/Hook.dll
unpack001/JX2Update.exe
unpack001/License.vie

Files

eeced579269741bf656b17e9461a5f5f_JaffaCakes118
.rar
Giang Hồ TL.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 243KB - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vie
Size: 512B - Virtual size: 88B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Hook.dll
.dll windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

GetMsg
InjectDll
UnmapDll

Sections

.text
Size: 23KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
JX2Update.exe
.exe windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 196KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
License.vie
.dll windows:5 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

CheckLicense
CheckUpdate

Sections

.text
Size: 132KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 243KB - Virtual size: 728KB

.rsrc Size: 41KB - Virtual size: 44KB

.vie Size: 512B - Virtual size: 88B

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 68KB

.rsrc Size: 5KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 512B

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 196KB - Virtual size: 568KB

.rsrc Size: 31KB - Virtual size: 32KB

.reloc Size: 512B - Virtual size: 512B

09d0478591d4f788cb3e5ea416c25237

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 400KB

.rsrc Size: 21KB - Virtual size: 24KB

.reloc Size: 512B - Virtual size: 512B

.text
Size: 243KB - Virtual size: 728KB

.rsrc
Size: 41KB - Virtual size: 44KB

.vie
Size: 512B - Virtual size: 88B

.text
Size: 23KB - Virtual size: 68KB

.rsrc
Size: 5KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 512B

.text
Size: 196KB - Virtual size: 568KB

.rsrc
Size: 31KB - Virtual size: 32KB

.reloc
Size: 512B - Virtual size: 512B

.text
Size: 132KB - Virtual size: 400KB

.rsrc
Size: 21KB - Virtual size: 24KB

.reloc
Size: 512B - Virtual size: 512B