3e880b89cd1ac9f3fb96ea2a47476710_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e880b89cd1ac9f3fb96ea2a47476710_JaffaCakes118
Size

2.4MB
MD5

3e880b89cd1ac9f3fb96ea2a47476710
SHA1

0f7877d6740fbb45ab0f65334487a77df87d4226
SHA256

314a0fcb570c96319874c7b416719cb6ef4b86a76d49ea43c5e71e9d75a8eb28
SHA512

bc655aceba119b2864ab56f0ddc7b991b228114406aca8720097d264e0e3b09e654a179e6c52df9577cbb24127701d19b32c0798d57fde5a8f39780d07c6ecec
SSDEEP

49152:LT2ks9/Ju3zMlQFrEcvDvZuAVcn7TCgZkw2NTXOVHXk+UiRYbVQyUE:P2Tc3ebcLv4x7TZZDDtU+2hN

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GETsetup.exe
unpack001/钱龙转文本/DAY2GET.EXE

Files

3e880b89cd1ac9f3fb96ea2a47476710_JaffaCakes118
.rar
Advanced GET简介.txt
GETsetup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 125KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GET文本数据的安装方法.chm
.chm
说明.txt
钱龙转文本/DAY2GET.EXE
.exe windows:4 windows x86 arch:x86

a903f6237dae3c0ed89dcf4e7c0a6a04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

Sections

pec1
Size: 174KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
钱龙转文本/这个软件要放到钱龙的日线文件夹.gif

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 125KB - Virtual size: 296KB

DATA Size: 2KB - Virtual size: 8KB

BSS Size: - Virtual size: 8KB

.idata Size: 3KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 24KB

.rsrc Size: 7KB - Virtual size: 20KB

.aspack Size: 7KB - Virtual size: 8KB

.data Size: - Virtual size: 4KB

a903f6237dae3c0ed89dcf4e7c0a6a04

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

gdi32

comctl32

Sections

pec1 Size: 174KB - Virtual size: 432KB

.rsrc Size: 13KB - Virtual size: 44KB

.rsrc Size: 1KB - Virtual size: 4KB

CODE
Size: 125KB - Virtual size: 296KB

DATA
Size: 2KB - Virtual size: 8KB

BSS
Size: - Virtual size: 8KB

.idata
Size: 3KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 24KB

.rsrc
Size: 7KB - Virtual size: 20KB

.aspack
Size: 7KB - Virtual size: 8KB

.data
Size: - Virtual size: 4KB

pec1
Size: 174KB - Virtual size: 432KB

.rsrc
Size: 13KB - Virtual size: 44KB

.rsrc
Size: 1KB - Virtual size: 4KB