2e5331ba98935181dcfedbda986b04d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e5331ba98935181dcfedbda986b04d0_JaffaCakes118
Size

23KB
MD5

2e5331ba98935181dcfedbda986b04d0
SHA1

9b9ae591be3e7fdcbeb3960e9c0cb3a5d67d2d8b
SHA256

4df49a12d1b1ec0a4731f03faafcf805893206114ff9c686109b4e5be502d366
SHA512

84453de1223c6ce59000a3dce4ed9f5fcf73fa26479d2b3184072d1c99241592f50dad1104956bec085a4d6ef875cca63b504e5b8d3140090027cae8ddbaaaf1
SSDEEP

384:el3cEuuo5uX5WWFDYMla86ynto6bYVfsEVWARYVwh0RqBKYjPlE8ql71aPW/T5w6:eFcELo5uJW9bytopfsEwmYV6BFlE8ql1

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/解决pid问题的通用补丁.exe
unpack001/魔兽争霸恶搞主机外挂.exe

Files

2e5331ba98935181dcfedbda986b04d0_JaffaCakes118
.rar
神Q网.url
解决pid问题的通用补丁.exe
.exe windows:4 windows x86 arch:x86

5a0355b284727d372ad63cc06469f6c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaFreeVar
__vbaPut3
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaCopyBytes
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
__vbaObjSet
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaI2I4
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaFileSeek
_CIlog
__vbaFileOpen
__vbaNew2
ord648
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaStrToAnsi
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
说明.htm
.html
魔兽争霸恶搞主机外挂.exe
.exe windows:4 windows x86 arch:x86

451c5847babc7a7771b41f57f626b50f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaStrI4
__vbaFreeVar
__vbaLineInputStr
__vbaLenBstr
__vbaStrVarMove
__vbaLateIdCall
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaRecAnsiToUni
__vbaCopyBytes
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryVar
__vbaAryDestruct
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
ord525
__vbaChkstk
__vbaFileClose
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaStrCmp
__vbaAryConstruct2
ord561
__vbaI2I4
DllFunctionCall
_adj_fpatan
__vbaFixstrConstruct
__vbaLateIdCallLd
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
__vbaStrToUnicode
__vbaPrintFile
ord606
_adj_fprem
_adj_fdivr_m64
ord607
__vbaFPException
__vbaVarCat
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
__vbaInStr
ord648
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
_adj_fdiv_r
ord100
__vbaI4Var
__vbaAryLock
__vbaStrToAnsi
__vbaVarDup
__vbaFpI4
ord616
ord617
_CIatan
__vbaAryCopy
__vbaUI1Str
__vbaStrMove
_allmul
_CItan
__vbaAryUnlock
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a0355b284727d372ad63cc06469f6c7

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 20KB - Virtual size: 16KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 3KB

451c5847babc7a7771b41f57f626b50f

Headers

File Characteristics

Imports

msvbvm60

Sections

.text Size: 48KB - Virtual size: 47KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 20KB - Virtual size: 16KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 47KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 4KB - Virtual size: 3KB