JaffaCakes118_4da5a4b46285d901cfe2007c5ec1dabe

General

Target

JaffaCakes118_4da5a4b46285d901cfe2007c5ec1dabe
Size

1.2MB
MD5

4da5a4b46285d901cfe2007c5ec1dabe
SHA1

8ea6721fbef365e91e42c9687e05707573eb8077
SHA256

17fbfee0cd6f164786c1b90fba254a776edf1b917ba7e27484600b70fac949c9
SHA512

2be0e46acde5bd0d3660ea792d09b1b7b9dca53f74b68cf08422cc6256353efd50374ad47b644977a5676a32b7e49a37ca09eb3871f920c9532067d8ff4ddc1b
SSDEEP

24576:kDoEh5dREyJonpQYNYZm7/dANFGe4xy94bx3kJC9Yo6vZFaL8zygyOb:kDoFkonvUm7/dANR94b45ognIdw

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CF天空VIP V7.8版 8.29 日破解版/天空vip.exe
unpack001/CF天空VIP V7.8版 8.29 日破解版/破解补丁.exe

Files

JaffaCakes118_4da5a4b46285d901cfe2007c5ec1dabe
.rar
CF天空VIP V7.8版 8.29 日破解版/天空vip.exe
.exe windows:4 windows x86 arch:x86

2c88baf86544dceb3225ec54ca6eb559

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
SizeofResource
LockResource
LoadResource
FindResourceW
GetEnvironmentVariableW
SetFilePointer
CreateFileW
CloseHandle
ReadFile
SystemTimeToFileTime
GetCurrentDirectoryW
LocalFileTimeToFileTime
MultiByteToWideChar
CreateDirectoryW
GetFileAttributesW
SetFileTime
WriteFile
GetModuleHandleW
GetStartupInfoW

user32

wsprintfW

shell32

ShellExecuteW

msvcrt.dll.

_XcptFilter
??2@YAPAXI@Z
__CxxFrameHandler
??0exception@@QAE@ABV0@@Z
??1exception@@UAE@XZ
_CxxThrowException
calloc
free
malloc
wcscat
wcslen
wcscpy
wcsstr
_exit
??0exception@@QAE@ABQBD@Z
exit
_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??1type_info@@UAE@XZ
_controlfp

Sections

door
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CF天空VIP V7.8版 8.29 日破解版/破解补丁.exe
.exe windows:4 windows x86 arch:x86

f0d35ec903c72dc2613ecb0d44ed71be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

ExitProcess
ExpandEnvironmentStringsA
FindResourceA
GetCommandLineA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetTempPathA
LoadResource
MapViewOfFile
ReadFile
ReadProcessMemory
ResumeThread
RtlMoveMemory
SetEnvironmentVariableA
SizeofResource
DeleteFileA
TerminateProcess
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtectEx
WritePrivateProfileStringA
WriteProcessMemory
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
CreateProcessA
CreateFileMappingA
FindClose
FindFirstFileA
FlushFileBuffers
WriteFile
RtlZeroMemory
SetCurrentDirectoryA
CreateFileA
CloseHandle
Sleep

shell32

ShellExecuteA

advapi32

RegCreateKeyExA
RegCloseKey
RegQueryValueExA
RegOpenKeyA

comdlg32

GetOpenFileNameA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2c88baf86544dceb3225ec54ca6eb559

Headers

File Characteristics

Imports

kernel32

user32

shell32

msvcrt.dll.

Sections

door Size: 1024B - Virtual size: 608B

.data Size: 47KB - Virtual size: 46KB

.rsrc Size: 1.2MB - Virtual size: 1.2MB

f0d35ec903c72dc2613ecb0d44ed71be

Headers

File Characteristics

Imports

user32

kernel32

shell32

advapi32

comdlg32

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 4KB

.rsrc Size: 6KB - Virtual size: 5KB

door
Size: 1024B - Virtual size: 608B

.data
Size: 47KB - Virtual size: 46KB

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 6KB - Virtual size: 5KB