029e0fd5fa48ef949cc7d8c925c4d8dd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

029e0fd5fa48ef949cc7d8c925c4d8dd_JaffaCakes118
Size

3.2MB
MD5

029e0fd5fa48ef949cc7d8c925c4d8dd
SHA1

9c119b4e546e29308c7c48afc104a1192a8f9d66
SHA256

7549cb55bc5b76a9d68a4c0884c87ad1531fbd48d381f4b4393495d9d01fda77
SHA512

c54d87609f2f03f1c7b1d92f0055b3fd415ca35cc3414d0a4e59f038374cb136e32e4591aa3db1e4a323f2f5988d88bf65fb3f85f7184004de1a2561c05fe58a
SSDEEP

49152:iw+hRxElIG1GNqokhXQbtmfpEYhd8VxH6DPiYn9g3Nub5X+aVbgj0B881VJykCVE:iRxEINqrhf1dgHYH9+Nu+gjHJ6sJV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/疯狂网络.Exe

Files

029e0fd5fa48ef949cc7d8c925c4d8dd_JaffaCakes118
.rar
WIN7系统的玩家进不去的方法.txt
疯狂网络.Exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 595KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vndnfppq
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fvnssdou
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE