3fefea5a2cedaff3b1aa97791a1b403f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3fefea5a2cedaff3b1aa97791a1b403f_JaffaCakes118
Size

85KB
MD5

3fefea5a2cedaff3b1aa97791a1b403f
SHA1

fb9b395211bf6dfda05d3e9f2b5c62ae03c3d729
SHA256

147bb55f8fdbbeb73f0ccca8233858f8ff8db84b4dcb479311d026f50cfe33a0
SHA512

9528ee6dc47c3a740ac9d89d6c5f635fd61440c080e6efae8d3dcd3351b849b261a3b75a8eeb1f00fb95c4139a054845e5b3b287504b001225069cf43ea848cb
SSDEEP

1536:wllDoLctCM/bjW9ZbJRngZlxfk8oPWStxHwxmyF67iIIcv4z0sXEvm+5RFp3:w/DoACM/bUM5fDm/iIZvQ0CEvtzFp3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/复件礼物/礼物/礼物/请耐心点点哈呵呵/作为朋友，我总希望把最好的给你们/愿你快乐平安幸福/忘了告诉你：我还要你幸福啊……呵呵……到了到了/现在把眼睛睁大了哦，马上就到了/呵呵……要有耐心啊，怎么又急了？在坚持一下就到了，乖！/我说到了吧，双击他吧the special wishes come from zck.exe

resource

unpack001/复件礼物/礼物/礼物/请耐心点点哈呵呵/作为朋友，我总希望把最好的给你们/愿你快乐平安幸福/忘了告诉你：我还要你幸福啊……呵呵……到了到了/现在把眼睛睁大了哦，马上就到了/呵呵……要有耐心啊，怎么又急了？在坚持一下就到了，乖！/我说到了吧，双击他吧the special wishes come from zck.exe

Files

3fefea5a2cedaff3b1aa97791a1b403f_JaffaCakes118
.rar
复件礼物/礼物/礼物/请耐心点点哈呵呵/作为朋友，我总希望把最好的给你们/愿你快乐平安幸福/忘了告诉你：我还要你幸福啊……呵呵……到了到了/现在把眼睛睁大了哦，马上就到了/呵呵……要有耐心啊，怎么又急了？在坚持一下就到了，乖！/我说到了吧，双击他吧the special wishes come from zck.exe
.exe windows:4 windows x86 arch:x86

98febf4addcc2119e18441382094c249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandA

kernel32

FindResourceA
GetTempPathA
GetProcAddress
GetModuleHandleA
GetTickCount
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetFilePointer
FlushFileBuffers
SizeofResource
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
LoadResource
LockResource
FreeResource
DeleteFileA
SetEndOfFile
ReadFile
SetStdHandle
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetLastError
CloseHandle
WriteFile
UnhandledExceptionFilter

shell32

Shell_NotifyIconA

user32

GetDC
ReleaseDC
MessageBoxA
RegisterClassA
LoadIconA
GetMessageA
TranslateMessage
DispatchMessageA
DestroyIcon
KillTimer
SetWindowPos
SystemParametersInfoA
ShowWindow
PostQuitMessage
GetWindowRect
GetSubMenu
GetCursorPos
BringWindowToTop
SetForegroundWindow
TrackPopupMenu
DestroyMenu
DefWindowProcA
DestroyWindow
CreateWindowExA
GetWindowLongA
SetWindowLongA
SetTimer
PtInRect
SendMessageA
LoadMenuA

gdi32

CreateCompatibleDC
SelectObject
DeleteDC
CreateDIBSection
DeleteObject
GetObjectA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 392KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98febf4addcc2119e18441382094c249

Headers

File Characteristics

Imports

winmm

kernel32

shell32

user32

gdi32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 392KB - Virtual size: 389KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 392KB - Virtual size: 389KB