078a9b55744b7ea937beaaa3d8d94879_JaffaCakes118 | Triage

Sharing

General

Target

078a9b55744b7ea937beaaa3d8d94879_JaffaCakes118
Size

676KB
MD5

078a9b55744b7ea937beaaa3d8d94879
SHA1

77adacf1b6246faf8d4de9afae74fec2eb3634fa
SHA256

dc09b2592f7fda47b2d23fa7f8424459a75db8309fa60451a751f2e3e1bc3d36
SHA512

f1e8eaf9de032b0cdaf54e7e691dbe207a0cf317ac94bb7d8696eadefd070f1e37a169c513ce3d6a1341723c57007fd90f02e7bcd0f396b198ac3f36e818cbef
SSDEEP

12288:JbjswOIZacrHACtUfL+i4zT7cg71E0HUW79wYCp8P0uW6dqajujSFsHJaFVVqr9P:JbjswOIZac/tUj+iMTxLHUW7upg7djjq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/qqqspshq_gr/QQ群视频刷花器.exe

Files

078a9b55744b7ea937beaaa3d8d94879_JaffaCakes118
.zip
qqqspshq_gr/QQ群视频刷花器.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 314KB - Virtual size: 548KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 267KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
qqqspshq_gr/东坡下载说明.txt
qqqspshq_gr/更多软件下载.url