fde4a1b4564373a073c127a33d343aca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fde4a1b4564373a073c127a33d343aca_JaffaCakes118
Size

9.2MB
MD5

fde4a1b4564373a073c127a33d343aca
SHA1

b3e0e2ce9e7f1898b7575ea43a73896a2310d7c8
SHA256

4981b908b0dcb1245739e44d8e7419dd2811cd2cf8f84366e40e61ea6d678960
SHA512

ff544ba08f9f73827af25930c22ff323f1ae1d2e1068adb53dca178fb76d5384cb639500f66b28cbbe2509b86b6249157a6263d5f233ad4eed6cbf8325583d63
SSDEEP

196608:xhpLq/5tT/t81a5YppwVOtS4WIH3eHZ1wf81Tt6tRI/Ooq2uJyfENCsABF:xhpm/59XmpwstBtocothg2ukfe5K

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SQLdatabaselostrecovery/分区簇分析工具.exe
unpack001/SQLdatabaselostrecovery/极佳SQL数据库丢失恢复程序.exe

Files

fde4a1b4564373a073c127a33d343aca_JaffaCakes118
.rar
SQLdatabaselostrecovery/SQL数据库丢失恢复程序使用帮助.doc
.doc windows office2003
SQLdatabaselostrecovery/使用必读.url
SQLdatabaselostrecovery/关于我们.txt
SQLdatabaselostrecovery/分区簇分析工具.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.textbss
Size: - Virtual size: 14.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2.5MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.enigma1
Size: 6.0MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SQLdatabaselostrecovery/分区簇分析工具使用帮助.doc
.doc windows office2003
SQLdatabaselostrecovery/极佳SQL数据库丢失恢复程序.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: - Virtual size: 396KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 188KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
SQLdatabaselostrecovery/绿色先锋下载.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.textbss Size: - Virtual size: 14.5MB

.text Size: 5KB - Virtual size: 8KB

.data Size: 2.5MB - Virtual size: 2.6MB

.idata Size: 1KB - Virtual size: 4KB

.tls Size: 512B - Virtual size: 4KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.enigma1 Size: 6.0MB - Virtual size: 4KB

.enigma2 Size: 232KB - Virtual size: 232KB

Headers

File Characteristics

Sections

CODE Size: - Virtual size: 396KB

DATA Size: 188KB - Virtual size: 192KB

.rsrc Size: 5KB - Virtual size: 8KB

.textbss
Size: - Virtual size: 14.5MB

.text
Size: 5KB - Virtual size: 8KB

.data
Size: 2.5MB - Virtual size: 2.6MB

.idata
Size: 1KB - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.enigma1
Size: 6.0MB - Virtual size: 4KB

.enigma2
Size: 232KB - Virtual size: 232KB

CODE
Size: - Virtual size: 396KB

DATA
Size: 188KB - Virtual size: 192KB

.rsrc
Size: 5KB - Virtual size: 8KB