43211fe70021522720845d9891729371_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

43211fe70021522720845d9891729371_JaffaCakes118
Size

3.0MB
MD5

43211fe70021522720845d9891729371
SHA1

a4a63ab1cfdd0ca449207686e54eaa37dcf66a61
SHA256

e6eac8353b1a2b51d2f9734175d137c31b6e609ba147726acbf463783d10c37f
SHA512

94a83c167bad5befd4be7f6d64428a61caab63b7ab4e1a11858699a5be3348b162376278974df58907dd5bb98bcbeb93686da67636ced926d30b38a335bc5c84
SSDEEP

49152:60NppxAGsJgA7Wudsw7CYma+bNj7LSLtEVBxPc1LREq8cqutrpYWsDZh8rM0ALyx:60fAvgUt7Hm1162Bx09gcTJeBe2hi

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/灰鸽子黑防And2.03暗组专版/dat/ResHacker.EXE
unpack002/2.03.ser
unpack002/dark.ser

Files

43211fe70021522720845d9891729371_JaffaCakes118
.rar
灰鸽子黑防And2.03暗组专版/Config/2009-08-10_152603.dat
灰鸽子黑防And2.03暗组专版/Config/2009-08-10_152603.ini
灰鸽子黑防And2.03暗组专版/Config/2009-09-04_094632.dat
灰鸽子黑防And2.03暗组专版/Config/2009-09-04_094632.ini
灰鸽子黑防And2.03暗组专版/Operate.ini
灰鸽子黑防And2.03暗组专版/SOUND/downfile.wav
灰鸽子黑防And2.03暗组专版/SOUND/login.wav
灰鸽子黑防And2.03暗组专版/SOUND/offline.wav
灰鸽子黑防And2.03暗组专版/SOUND/setting.wav
灰鸽子黑防And2.03暗组专版/SOUND/upfile.wav
灰鸽子黑防And2.03暗组专版/dat/QQwry.dat
灰鸽子黑防And2.03暗组专版/dat/ResHacker.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 683KB - Virtual size: 682KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
灰鸽子黑防And2.03暗组专版/readme.txt
灰鸽子黑防And2.03暗组专版/处理过的ser.rar
.rar
2.03.ser
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 661KB - Virtual size: 661KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dark.ser
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 644KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 35B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 683KB - Virtual size: 682KB

DATA Size: 7KB - Virtual size: 7KB

BSS Size: - Virtual size: 2KB

.idata Size: 10KB - Virtual size: 9KB

.tls Size: - Virtual size: 8B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 37KB - Virtual size: 36KB

.rsrc Size: 122KB - Virtual size: 122KB

Headers

File Characteristics

Sections

CODE Size: 661KB - Virtual size: 661KB

DATA Size: 12KB - Virtual size: 12KB

BSS Size: - Virtual size: 7KB

.idata Size: 13KB - Virtual size: 13KB

.tls Size: - Virtual size: 20B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 42KB - Virtual size: 41KB

.rsrc Size: 32KB - Virtual size: 32KB

Headers

File Characteristics

Sections

CODE Size: 644KB - Virtual size: 644KB

DATA Size: 11KB - Virtual size: 10KB

BSS Size: - Virtual size: 7KB

.idata Size: 13KB - Virtual size: 12KB

.tls Size: - Virtual size: 20B

.rdata Size: 512B - Virtual size: 35B

.reloc Size: 41KB - Virtual size: 40KB

.rsrc Size: 32KB - Virtual size: 31KB

CODE
Size: 683KB - Virtual size: 682KB

DATA
Size: 7KB - Virtual size: 7KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 10KB - Virtual size: 9KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 37KB - Virtual size: 36KB

.rsrc
Size: 122KB - Virtual size: 122KB

CODE
Size: 661KB - Virtual size: 661KB

DATA
Size: 12KB - Virtual size: 12KB

BSS
Size: - Virtual size: 7KB

.idata
Size: 13KB - Virtual size: 13KB

.tls
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 42KB - Virtual size: 41KB

.rsrc
Size: 32KB - Virtual size: 32KB

CODE
Size: 644KB - Virtual size: 644KB

DATA
Size: 11KB - Virtual size: 10KB

BSS
Size: - Virtual size: 7KB

.idata
Size: 13KB - Virtual size: 12KB

.tls
Size: - Virtual size: 20B

.rdata
Size: 512B - Virtual size: 35B

.reloc
Size: 41KB - Virtual size: 40KB

.rsrc
Size: 32KB - Virtual size: 31KB