Static task: static1
Behavioral task: behavioral1
Sample: 秒杀CF2.19自动超级鬼跳8.1A.exe
Resource: win7-20240903-en
General
Target: 38196057fdf73de435b5094e49560da6_JaffaCakes118
Size: 1.1MB
MD5: 38196057fdf73de435b5094e49560da6
SHA1: 56e4e8e3347fae72fa19af456fae176342c99440
SHA256: 8217780b5ad54caa92486ebc64823fb59d18b3c0b328188f1156b221ab883677
SHA512: a2cc12347112cc1bac6bc694402d745292eeb762b07e7303f619a19b0dddee2a222413e22d54470e465bd2c459d60e10c5333f64917eaf04899bebac5dbb13e5
SSDEEP: 24576:jnR6H0ZDnG4glD3JARMjlcJSkIazV1QAG1CwDEnZlK+W1ERXT:LR6Ut5QA+6SDa51QhgwDEZzgmT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/秒杀CF2.19自动超级鬼跳8.1A.exe
Files
38196057fdf73de435b5094e49560da6_JaffaCakes118.rar
秒杀CF2.19自动超级鬼跳8.1A.exe.exe windows:4 windows x86 arch:x86
baa93d47220682c04d92f7797d9224ce
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
comctl32
InitCommonControls
Sections
Size: 360KB - Virtual size: 880KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 4KB - Virtual size: 1008KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
kpyfxzea Size: 820KB - Virtual size: 820KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hzyfohfh Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE