18133608d1c2cebf2275b27b3208c053_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18133608d1c2cebf2275b27b3208c053_JaffaCakes118
Size

202KB
MD5

18133608d1c2cebf2275b27b3208c053
SHA1

60310b3d1faca93f201d30d32d918448fb52c6a7
SHA256

25fe51cc56495398bd2692e4d12b38dae50484dba8e94c768bd5cfaeafb6bbf9
SHA512

e3aaa1a3d8bddefac783045d61b54e02d5c53e8d10d0585a35fe5ba0e2530353e7112395dffeb01899dba2f3fe4e3000cd07a1906c77157da875ed8b17803c45
SSDEEP

6144:1zw55j1shXgQAjDlzJuDchIZd51Z6ueJhD:1zwbj1wulzJIchIZDeJhD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/baotaliuliangguanli1201/Setup.exe

Files

18133608d1c2cebf2275b27b3208c053_JaffaCakes118
.zip
baotaliuliangguanli1201/Setup.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\项目\流量监控\Install\CloudSetup\obj\Release\Setup.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 893KB - Virtual size: 892KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
更新日志.txt