163c6e8ced9695d0f2bc2bc8a2fde937_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

163c6e8ced9695d0f2bc2bc8a2fde937_JaffaCakes118
Size

2.8MB
MD5

163c6e8ced9695d0f2bc2bc8a2fde937
SHA1

1eb53584cd3c9203e899e38ae4952f61a92289ec
SHA256

ca4757029006bfa7ad20764230ca0108651f739cc6b54a327394d3f06c85bf4f
SHA512

9edb68f4dc47f5e322a4d4efdc581fb804c33f7af8cc2bcad527208af45e29045044827dd956d4059c447f73ed1aa4c7b117aa433bafe69e35e670d036f52677
SSDEEP

49152:TsLJGQupX/9YOOqmMbhy6b7S3QMnk5dcOvJGCJtPNMjqg/io/njXKpqGfhRn:TokhpX/9MqtbUa7SAMnk5dcOvoCJtdYW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/23bb测试登录器.exe

Files

163c6e8ced9695d0f2bc2bc8a2fde937_JaffaCakes118
.rar
MirServer/23bb.net下载说明必看.txt
MirServer/23bb.net爱上版本站长站.htm
.html
MirServer/23bb测试登录器.rar
.rar
23bb测试登录器.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 749KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 22KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1.2MB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0080
Size: 130KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 401KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0081
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.0082
Size: 119KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asp
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sky
Size: 28B - Virtual size: 28B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
MirServer/Config.ini
MirServer/DBServer/!addrtable.txt
MirServer/DBServer/!serverinfo.txt
站长推荐服务器租用.htm
.html
站长推荐服务器租用网站.htm
.html

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 749KB - Virtual size: 2.2MB

DATA Size: 22KB - Virtual size: 48KB

BSS Size: - Virtual size: 1.2MB

.idata Size: 12KB - Virtual size: 16KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 4KB

.0080 Size: 130KB - Virtual size: 144KB

.rsrc Size: 401KB - Virtual size: 1.1MB

.0081 Size: 1.2MB - Virtual size: 1.2MB

.0082 Size: 119KB - Virtual size: 124KB

.reloc Size: - Virtual size: 144KB

.asp Size: 5KB - Virtual size: 8KB

.sky Size: 28B - Virtual size: 28B

CODE
Size: 749KB - Virtual size: 2.2MB

DATA
Size: 22KB - Virtual size: 48KB

BSS
Size: - Virtual size: 1.2MB

.idata
Size: 12KB - Virtual size: 16KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 4KB

.0080
Size: 130KB - Virtual size: 144KB

.rsrc
Size: 401KB - Virtual size: 1.1MB

.0081
Size: 1.2MB - Virtual size: 1.2MB

.0082
Size: 119KB - Virtual size: 124KB

.reloc
Size: - Virtual size: 144KB

.asp
Size: 5KB - Virtual size: 8KB

.sky
Size: 28B - Virtual size: 28B