2841cd75da6db8f004f21986b641eea0_JaffaCakes118

General

Target

2841cd75da6db8f004f21986b641eea0_JaffaCakes118
Size

21KB
MD5

2841cd75da6db8f004f21986b641eea0
SHA1

82578494f2a209d4ba587cdc9fd200b051b5e410
SHA256

eeb8baec30dbc282664bab470ecac5f4ea4c1e92d5f2aba4ad9342420043bfe2
SHA512

7e8e5f7c0220fb70d1c3061937de4c36f7840d647b866e8d111078a9683f5f28cae25bc3b0084f402ec1c952ada586060783e3a1d92dad83376ab5291842c6d5
SSDEEP

384:BI0kvta6hJgMNROWASkYHCUTi79AdW7W0+tTlpK3f8j1ON:BIVThJgiOWXbi7W87WXFj4N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/流星蝴蝶剑无限气/流星蝴蝶剑无限气外挂.exe

Files

2841cd75da6db8f004f21986b641eea0_JaffaCakes118
.zip
流星蝴蝶剑无限气/东坡下载说明.TXT
流星蝴蝶剑无限气/东坡软件下载基地.url
.url
流星蝴蝶剑无限气/流星蝴蝶剑无限气外挂.exe
.exe windows:4 windows x86 arch:x86

97e061f3d6035c63bc8f0bf26913b2a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaVarVargNofree
__vbaFreeVar
__vbaLateIdCall
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaStrCat
ord660
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaObjSet
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaVarIndexLoad
__vbaRefVarAry
_CIsin
ord632
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaUbound
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
ord573
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
ord577
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarDup
__vbaStrToAnsi
__vbaVarCopy
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97e061f3d6035c63bc8f0bf26913b2a0

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 16KB - Virtual size: 13KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 16KB - Virtual size: 13KB