1eb54039db148a0c427c8b8450e6cf82_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1eb54039db148a0c427c8b8450e6cf82_JaffaCakes118
Size

374KB
MD5

1eb54039db148a0c427c8b8450e6cf82
SHA1

7e716412bb8d7ed392202e52b2766f55e9aed92f
SHA256

a42ee20afd7835a0f09e401bf5f6f5d1287bc21093cc7bb4ce3aad9f7a98f3ec
SHA512

3f2696d27a119d47a27a0cd03e02f2fe29358229bb2b451ae0b47a9cfc551bf4118e35bb6051ef0431cfe676d02aa569cc72e6fe5ae2face630540d1e8a9b20a
SSDEEP

6144:MGnRFSDyA98mOCcXAHYrPpSn16qZhvOB4U2223dyBaOpZUaJB1DeMMpuqKk:MQA9aIHlOBb2Po0OpGaJB1Khpck

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CF修改全屏分辨率工具.exe

Files

1eb54039db148a0c427c8b8450e6cf82_JaffaCakes118
.rar
CF修改全屏分辨率工具.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Esp0
Size: - Virtual size: 488KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Esp1
Size: 353KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Esp
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
更多软件下载.url
飘荡软件.url
.url