400bf3ca3840e243db39ddb6f2278027_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

400bf3ca3840e243db39ddb6f2278027_JaffaCakes118
Size

596KB
MD5

400bf3ca3840e243db39ddb6f2278027
SHA1

1cb00b90e1d71091669dbf11e3543bc68341108b
SHA256

80b85c213fa554a80e37f508d9803965a413b561d6090d20ae69a79a1ba416e5
SHA512

19c2b00b6e6e9b045beb99f97cee157d891ab62f4eb35003f16a348267a630cb2410ce97f71f04175022284fb5852260d6935cf4242ec9ed73507b25ba6ac63b
SSDEEP

12288:yLVIRMbWEnQ//LHRZrKySF/MhO5GjdhIG556w1itgOvtGtvA1QBn:yJywWEnQ/TsM45uv6wEe3Y1QB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/小忆造梦西游3修改器v1.0.exe

Files

400bf3ca3840e243db39ddb6f2278027_JaffaCakes118
.rar
92wg说明.txt
小忆造梦西游3修改器v1.0.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Esp0
Size: - Virtual size: 736KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Esp1
Size: 588KB - Virtual size: 592KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Esp
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
就爱外挂网.htm
.html
玩家交流群.txt