0869d821f82280bcbc5a06a50c69f342_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0869d821f82280bcbc5a06a50c69f342_JaffaCakes118
Size

394KB
MD5

0869d821f82280bcbc5a06a50c69f342
SHA1

849badcc8c0614b64e9e0cc24cd4cfce7e733dcd
SHA256

da52b30d7d70a08a68223d7ee80056f0d2a997bf7b6c4fd3873c2336759b3989
SHA512

f663b689624bacd56a35f7c483930aefd388a52888981f404a0edcef29501668ffd52e0b558de73946511a5405ea1dda6f8c92e46d8c87b76c476ce84a75b92f
SSDEEP

6144:r/CMrhl34ooprA218SwBnIfzvjEvN7kJTqKl5YCxs1cJw61L2pqZgtAJkeTZn:zTrhG/6m8SMavcSAKPJw6Xp

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/k-lzsj/联众升级记牌器V4.20/LZ.dll
unpack001/k-lzsj/联众升级记牌器V4.20/LZCards.exe

Files

0869d821f82280bcbc5a06a50c69f342_JaffaCakes118
.rar
k-lzsj/使用说明.txt
k-lzsj/联众升级记牌器V4.20/LZ.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook
StopHook

Sections

CODE
Size: 360KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
k-lzsj/联众升级记牌器V4.20/LZCards.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 355KB - Virtual size: 356KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
k-lzsj/联众升级记牌器V4.20/LZSJ.ini

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 360KB - Virtual size: 360KB

DATA Size: 5KB - Virtual size: 8KB

BSS Size: - Virtual size: 8KB

.idata Size: 9KB - Virtual size: 12KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 26KB - Virtual size: 28KB

.rsrc Size: 400KB - Virtual size: 404KB

Headers

File Characteristics

Sections

CODE Size: 355KB - Virtual size: 356KB

DATA Size: 5KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 9KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 28KB

.rsrc Size: 292KB - Virtual size: 291KB

CODE
Size: 360KB - Virtual size: 360KB

DATA
Size: 5KB - Virtual size: 8KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 9KB - Virtual size: 12KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 26KB - Virtual size: 28KB

.rsrc
Size: 400KB - Virtual size: 404KB

CODE
Size: 355KB - Virtual size: 356KB

DATA
Size: 5KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 9KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 28KB

.rsrc
Size: 292KB - Virtual size: 291KB