0e4bf76cc591107560209dd9a265ed0d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e4bf76cc591107560209dd9a265ed0d_JaffaCakes118
Size

302KB
MD5

0e4bf76cc591107560209dd9a265ed0d
SHA1

54fce488b6b65a3e0a35a6f958ebd4d93e0dc9d9
SHA256

af4ee15b8f58bbc762260a198f9b42d01e0d66cf06e17802050375a277a0c544
SHA512

e4f7b700c66fa4f9701320044191e5341d70c886e35f41ea5f1f1c006dfbcf1a5b95352faebb23057bd2382b960b58064627e599b594e37747da71553d8e6f9b
SSDEEP

6144:M44H6E/ezKKOF2+JaXDXn3TbHdGbNJACn/jcI30wfZFzv9dHHxC0/+/m:MFHd/aVOFLJab3TbHdMa8/Hfv9dncO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CF完美窗口化.exe

Files

0e4bf76cc591107560209dd9a265ed0d_JaffaCakes118
.rar
CF完美窗口化.exe
.exe windows:4 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 80KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 153KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taz
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE