f91ff7d512f945462e9fdd6a424ace57_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f91ff7d512f945462e9fdd6a424ace57_JaffaCakes118
Size

170KB
MD5

f91ff7d512f945462e9fdd6a424ace57
SHA1

91328033aae6b6f43371ce1e57661a4575383aee
SHA256

9c1d7fdfccccadaf383f3897836bbd100fcb6ee3087868e7b2878762ce2958ed
SHA512

46a04b39e2517423177ff01aa2dcea4102c7dd1b882f0c062f832c501f7ce8bb0f32d7a50c70d970ce311e94bf2ec08acfc2b35cf83c3193fed4d9074d6fdf4a
SSDEEP

3072:7dM82qhlvcqQAVoe8Es8FCoicYg1BHGbceksOmylE6Ff0BAYr+64GhgkYRSKeN:FJs4+e23o5DHGkrzFfur+6DhYRS/N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/20261520/qqbobo.exe

Files

f91ff7d512f945462e9fdd6a424ace57_JaffaCakes118
.rar
20261520/Unit1.ddp
20261520/Unit1.dfm
20261520/Unit1.pas
20261520/qqbobo.cfg
20261520/qqbobo.dof
20261520/qqbobo.dpr
20261520/qqbobo.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
20261520/qqbobo.res
20261520/qqmsg.txt
20261520/下载说明.htm
.html .js polyglot