3838c1651d795d3319e43e90ee1068e4_JaffaCakes118 | Triage

Sharing

General

Target

3838c1651d795d3319e43e90ee1068e4_JaffaCakes118
Size

725KB
MD5

3838c1651d795d3319e43e90ee1068e4
SHA1

ac1f112035a012f4098ffa85cb41756d431e0481
SHA256

b725858d023f4c31c5180e9c22cf102b05f37566e4885b3c439c4be465081a15
SHA512

79cb6be80ce8e139facfc7b21ce679a48fd674de8f52a82fa32cdc4c3c426e537ccb9191527b5469dfbf9645e0e2b4c7a3490bce17a1b4b297da07777b889f79
SSDEEP

12288:SvtPoACJsChynqSeebn76SHmN00PXoJLuF+y/Mtv5wmlw7CznE3M:SijJsPq1YnvU00PXoJoFovjlw7Cbt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/xuanwuyinfu/QQ炫舞音符全P任务助手V3.1.0版本.exe

Files

3838c1651d795d3319e43e90ee1068e4_JaffaCakes118
.zip
xuanwuyinfu/QQ炫舞音符全P任务助手V3.1.0版本.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 246KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 443KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PEPack
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpr01
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xuanwuyinfu/东坡下载说明.txt
xuanwuyinfu/更多软件下载.url