066c51acdd6b6b3013a79ba05a3ec317_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

066c51acdd6b6b3013a79ba05a3ec317_JaffaCakes118
Size

2.5MB
MD5

066c51acdd6b6b3013a79ba05a3ec317
SHA1

6da303c2ca4dd4e559ac80806ff0f464a3dc6aef
SHA256

3cd1b30202631c8bc069cd90b5645f2412f1c3588c015d45ef72ce6943d77033
SHA512

ff74c8f2a02a5b13d4a4e9d20d35ff6ce507c4f05e898a96a3341e2d69993ca3a3b1e3046378c47a5191b0a988ba435adefccae2a3e0a8b8c3a3cec23c712b3b
SSDEEP

49152:GzRlKNz0ICEgpTaJlZ8O+XwTUxygVRLVLDVC77+2OL89:GzRlKNYndpTaPGKeyiRJV86RC

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/咪兔QQ游戏中国象棋助手/AIEngine/佳佳快棋版/gg20100218.exe
unpack001/咪兔QQ游戏中国象棋助手/AIEngine/倚天高级版/deepsky.exe

Files

066c51acdd6b6b3013a79ba05a3ec317_JaffaCakes118
.rar
2011最给力在线小游戏.url
咪兔QQ游戏中国象棋助手/AIEngine/佳佳快棋版/gg20100218.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 704KB - Virtual size: 42.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 336B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
咪兔QQ游戏中国象棋助手/AIEngine/倚天高级版/cyclone.ini
咪兔QQ游戏中国象棋助手/AIEngine/倚天高级版/deepsky.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 372KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 18.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mackt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
咪兔QQ游戏中国象棋助手/AIEngine/倚天高级版/deepsky.ini

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

Size: 704KB - Virtual size: 42.4MB

.rsrc Size: 1KB - Virtual size: 4KB

.idata Size: 336B - Virtual size: 4KB

.mackt Size: 1KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 372KB - Virtual size: 372KB

.rdata Size: 32KB - Virtual size: 18.9MB

.data Size: 16KB - Virtual size: 16KB

.mackt Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.idata
Size: 336B - Virtual size: 4KB

.mackt
Size: 1KB - Virtual size: 4KB

.text
Size: 372KB - Virtual size: 372KB

.rdata
Size: 32KB - Virtual size: 18.9MB

.data
Size: 16KB - Virtual size: 16KB

.mackt
Size: 4KB - Virtual size: 4KB