1030d19fdd940bda08832875a2ebc4d4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1030d19fdd940bda08832875a2ebc4d4_JaffaCakes118
Size

18KB
MD5

1030d19fdd940bda08832875a2ebc4d4
SHA1

835f9c7a50078acb4a736c8667cfe232015cc715
SHA256

1f6b6faa88be625901ff0e950666e0b73f15d4fb1cbebc85076ebeb25edc4cfe
SHA512

144a8920c4fe6a28fdf21cc45c0919781f61ea7adadadf015af812951eb3c9a0e29b243084c59761bdc0ad20a47ddb05c6f08f5a375355f814361d3549be58a9
SSDEEP

384:OCujQkQTUb4sI0smZjY9aFIMnuUuEFmQpjsx6gPxqS1l:O1jQkQTUbk0smuUuwDjgxqcl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Ra2/红警2全能作弊器.exe

Files

1030d19fdd940bda08832875a2ebc4d4_JaffaCakes118
.rar
Ra2/红警2全能作弊器.exe
.exe windows:4 windows x86 arch:x86

8e51ba9c344dcda20451a8b3e49e6110

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
_CIcos
_adj_fptan
__vbaStrI4
__vbaAryMove
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
ord517
_adj_fprem1
__vbaCopyBytes
__vbaStrCat
__vbaSetSystemError
__vbaNameFile
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
ord667
__vbaAryDestruct
__vbaLateMemSt
__vbaExitProc
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaRefVarAry
ord708
_CIsin
ord631
ord709
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaI2I4
__vbaObjVar
DllFunctionCall
__vbaRedimPreserve
_adj_fpatan
__vbaRedim
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
__vbaStrToUnicode
ord606
_adj_fprem
_adj_fdivr_m64
ord716
__vbaFPException
__vbaUbound
__vbaStrVarVal
__vbaVarCat
ord537
ord644
ord645
_CIlog
__vbaErrorOverflow
__vbaInStr
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord573
ord681
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaI4Var
__vbaLateMemCall
__vbaAryLock
__vbaVarDup
__vbaStrToAnsi
ord616
__vbaLateMemCallLd
_CIatan
__vbaAryCopy
ord618
__vbaStrMove
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
logo.gif
.gif
更多实用小工具.url
.url
说明.txt

Sharing

General

Malware Config

Signatures

Files

8e51ba9c344dcda20451a8b3e49e6110

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 52KB - Virtual size: 48KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 52KB - Virtual size: 48KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 8KB - Virtual size: 5KB