f05fcd489963033f2e68e71b2011d23d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f05fcd489963033f2e68e71b2011d23d_JaffaCakes118
Size

470KB
MD5

f05fcd489963033f2e68e71b2011d23d
SHA1

d4a3bf1da38aa26ec3cbf34a635b7a1006831ab4
SHA256

a65d7954886db0d06e6cc4f1ce0cfce3792fef8e33e749c0836e5da163d518bc
SHA512

b18183843c5729eb607bd27fd5cc0a6daab1096f170e8186521592e4bce1a8e1b15c4e9a04843afa66de1ef0b1f6c0444259b416366c8d39ea9286d7ecc484ce
SSDEEP

12288:0T/MaAYwrVIrqtSh0QqoVJQk9ounA870iHYhiSmKn:i/forVjtOZsl83Y0SmQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PureWind.exe

Files

f05fcd489963033f2e68e71b2011d23d_JaffaCakes118
.rar
PureWind.exe
.exe windows:5 windows x86 arch:x86

4710e694cbc904bbde58b1960e1a3f6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetTickCount
GetModuleFileNameW
SetEnvironmentVariableW
GetCurrentProcessId
OpenFileMappingW
GetLastError
MapViewOfFile
CloseHandle
CreateFileW
CreateFileMappingW
UnmapViewOfFile
GetFileInformationByHandle
VirtualAlloc
VirtualFree
GetModuleHandleA
GetFileSizeEx
GetProcAddress
LoadLibraryW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xcpad
Size: - Virtual size: 160KB

.idata
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
model/BookText.js
.js
model/ModelChapter.htm
.js
model/ModelIndex.htm
.js
model/ReadSet.ini
model/TextSet.js
.js
model/config.mdb
model/icon/add_book.gif
.gif
model/icon/back_book.gif
.gif
model/icon/back_home.gif
.gif
model/icon/back_items.gif
.gif
model/icon/next.gif
.gif
model/icon/pre.gif
.gif
model/icon/print.gif
.gif
model/icon/refresh.gif
.gif
model/jquery1.2.6.min.js
.js
model/menu.js
.js
model/style.css
model/新云软件.url
.url
软件更新.txt

Sharing

General

Malware Config

Signatures

Files

4710e694cbc904bbde58b1960e1a3f6b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: - Virtual size: 1KB

.xcpad Size: - Virtual size: 160KB

.idata Size: 1024B - Virtual size: 692B

.reloc Size: 512B - Virtual size: 424B

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: - Virtual size: 1KB

.xcpad
Size: - Virtual size: 160KB

.idata
Size: 1024B - Virtual size: 692B

.reloc
Size: 512B - Virtual size: 424B

.rsrc
Size: 27KB - Virtual size: 26KB