29b85e9f1508650d201066ab4ae0dbbe_JaffaCakes118 | Triage

Sharing

General

Target

29b85e9f1508650d201066ab4ae0dbbe_JaffaCakes118
Size

1.3MB
MD5

29b85e9f1508650d201066ab4ae0dbbe
SHA1

59e901493d9edd74cf29b26057bd20f881e92998
SHA256

58b06185de72ec87784e0cf1a5fc51d75ad2f3ce1887e7a6369565663a1e8134
SHA512

4f27feae8eb4e2e1f162a9d6250e75d2cefdf5d34f1418ad6738f36be9db7b953da2db69590b27b09d471f284ad07501b9e58f547810ebc2f4f00f203a2a0446
SSDEEP

24576:xbifQwUqhPcx1LaE5r7LqMj0R6IbXb8WZLb5DwPWk2t4aZPZOd/sHYAVHTH:xbiuqRcTL//ERbbr8WZ/5cuk2WaZBOJe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQռ1.0.exe

Files

29b85e9f1508650d201066ab4ae0dbbe_JaffaCakes118
.zip
QQб.ini
QQռ1.0.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

nsp0
Size: - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nsp1
Size: 256KB - Virtual size: 262KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ini
Ը_ȫ_Ϸȫ_ֻ.url
.url
QQб.ini