126012a7f569463bb63ce5ffb61d349b_JaffaCakes118 | Triage

Sharing

General

Target

126012a7f569463bb63ce5ffb61d349b_JaffaCakes118
Size

2.7MB
MD5

126012a7f569463bb63ce5ffb61d349b
SHA1

baac6798d176519be7a4543a463f748c7a65ea17
SHA256

df5aba837feb48320815c88cf782d7d03fbad743df67009421300d10063ae7fb
SHA512

5f08187269b018876ff17174abf82a66ea1272443a24014eac739934922ca9242ff96ab29cbf3ac86eda2e66f7ac4a76e4f52ae22a43704baf08dba8e35fc44b
SSDEEP

49152:ax1/LMXyKgBwvCyOh+nf0VU4I/FYMacqQT7AAAJMbd278YDq0g2WjqjlRqyCkBW:ax1/LMXyr6MonfuUhCBy/AJMbd2W0gR/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DNF霸/Launcher.exe

Files

126012a7f569463bb63ce5ffb61d349b_JaffaCakes118
.rar
DNF霸/24小时自动换卡.url
.url
DNF霸/DNF1100外挂网.url
.url
DNF霸/DNF掉线数据清理2.0版.bat
DNF霸/Launcher.exe
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 716KB - Virtual size: 716KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ysjsmefq
Size: 891KB - Virtual size: 892KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ydvgfzdc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DNF霸/使用说明.txt
DNF霸/注册码.reg