fef4d623fde6106a42c63f40217def78_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fef4d623fde6106a42c63f40217def78_JaffaCakes118
Size

1.4MB
MD5

fef4d623fde6106a42c63f40217def78
SHA1

111dd3f0ce07f1987411d9c24b3ceb207a92330d
SHA256

0278497bc2f13382fe599864152174b1a199b436e3a0f78f2b3846bf2ef21335
SHA512

2c65d74209f3386a93ecffdcf5aaed89819c01838cae334abb566297ebdeea146537e373aab3ea505c26a46b2addf1f61e052dbbca1e39e687149531e8e4a9cf
SSDEEP

24576:o4zr4wL3FCmHOqgWSRZ9xIyX4Z6Ev8KtC9mUxeCEMgbhEHVCTdV:o4ztQJu69Nwrv8mCCkgFE1a

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/wlbczs-v1.07/update.exe
unpack001/wlbczs-v1.07/微凉编程助手.exe

Files

fef4d623fde6106a42c63f40217def78_JaffaCakes118
.rar
wlbczs-v1.07/Start.ini
wlbczs-v1.07/set/images/蓝红风格/Frame.bmp
wlbczs-v1.07/set/images/蓝红风格/Tool.bmp
wlbczs-v1.07/set/images/蓝红风格/all_tool.bmp
wlbczs-v1.07/set/images/蓝红风格/but_anxia.bmp
wlbczs-v1.07/set/images/蓝红风格/but_jiaoran.bmp
wlbczs-v1.07/set/images/蓝红风格/but_zhengchang.bmp
wlbczs-v1.07/set/images/蓝红风格/checkbox_false.bmp
wlbczs-v1.07/set/images/蓝红风格/checkbox_jiaodian.bmp
wlbczs-v1.07/set/images/蓝红风格/checkbox_pro.bmp
wlbczs-v1.07/set/images/蓝红风格/checkbox_ture.bmp
wlbczs-v1.07/set/images/蓝红风格/end_anxia.bmp
wlbczs-v1.07/set/images/蓝红风格/end_jiaodian.bmp
wlbczs-v1.07/set/images/蓝红风格/end_zhangchang.bmp
wlbczs-v1.07/set/images/蓝红风格/from_xia.bmp
.jpg
wlbczs-v1.07/set/images/蓝红风格/radio_false.bmp
wlbczs-v1.07/set/images/蓝红风格/radio_jiaodian.bmp
wlbczs-v1.07/set/images/蓝红风格/radio_pro.bmp
wlbczs-v1.07/set/images/蓝红风格/radio_ture.bmp
wlbczs-v1.07/set/images/蓝红风格/skin.ini
wlbczs-v1.07/set/images/蓝绿风格(默认)/Frame.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/Tool.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/all_tool.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/but_anxia.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/but_jiaoran.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/but_zhengchang.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/checkbox_false.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/checkbox_jiaodian.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/checkbox_pro.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/checkbox_ture.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/end_anxia.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/end_jiaodian.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/end_zhangchang.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/from_xia.bmp
.jpg
wlbczs-v1.07/set/images/蓝绿风格(默认)/radio_false.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/radio_jiaodian.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/radio_pro.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/radio_ture.bmp
wlbczs-v1.07/set/images/蓝绿风格(默认)/skin.ini
wlbczs-v1.07/set/images/蓝色风格/Frame.bmp
wlbczs-v1.07/set/images/蓝色风格/Tool.bmp
wlbczs-v1.07/set/images/蓝色风格/all_tool.bmp
wlbczs-v1.07/set/images/蓝色风格/but_anxia.bmp
wlbczs-v1.07/set/images/蓝色风格/but_jiaoran.bmp
wlbczs-v1.07/set/images/蓝色风格/checkbox_false.bmp
wlbczs-v1.07/set/images/蓝色风格/checkbox_jiaodian.bmp
wlbczs-v1.07/set/images/蓝色风格/checkbox_pro.bmp
wlbczs-v1.07/set/images/蓝色风格/checkbox_ture.bmp
wlbczs-v1.07/set/images/蓝色风格/end_anxia.bmp
wlbczs-v1.07/set/images/蓝色风格/end_jiaodian.bmp
wlbczs-v1.07/set/images/蓝色风格/end_zhangchang.bmp
wlbczs-v1.07/set/images/蓝色风格/from_xia.bmp
.jpg
wlbczs-v1.07/set/images/蓝色风格/radio_false.bmp
wlbczs-v1.07/set/images/蓝色风格/radio_jiaodian.bmp
wlbczs-v1.07/set/images/蓝色风格/radio_pro.bmp
wlbczs-v1.07/set/images/蓝色风格/radio_ture.bmp
wlbczs-v1.07/set/images/蓝色风格/skin.ini
wlbczs-v1.07/set/logo/1.gif
.gif
wlbczs-v1.07/set/logo/2.gif
.gif
wlbczs-v1.07/set/logo/3.gif
.gif
wlbczs-v1.07/set/logo/4.gif
.gif
wlbczs-v1.07/set/logo/load.txt
wlbczs-v1.07/set/logo/load_q.txt
wlbczs-v1.07/set/logo/mr.gif
.gif
wlbczs-v1.07/update.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 920KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 287KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wlbczs-v1.07/常量.txt
wlbczs-v1.07/微凉编程助手.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 445KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wlbczs-v1.07/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

.nsp0 Size: - Virtual size: 920KB

.nsp1 Size: 287KB - Virtual size: 291KB

.nsp2 Size: 23KB - Virtual size: 22KB

Headers

File Characteristics

Sections

.nsp0 Size: - Virtual size: 2.0MB

.nsp1 Size: 445KB - Virtual size: 450KB

.nsp2 Size: 14KB - Virtual size: 13KB

.nsp0
Size: - Virtual size: 920KB

.nsp1
Size: 287KB - Virtual size: 291KB

.nsp2
Size: 23KB - Virtual size: 22KB

.nsp0
Size: - Virtual size: 2.0MB

.nsp1
Size: 445KB - Virtual size: 450KB

.nsp2
Size: 14KB - Virtual size: 13KB