6a62f8bc9c60f687405433c82e80a9e2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a62f8bc9c60f687405433c82e80a9e2_JaffaCakes118
Size

455KB
MD5

6a62f8bc9c60f687405433c82e80a9e2
SHA1

41a958ca975157672192fd3401df13d29f9ca1f2
SHA256

601543834baf227fb71d4a020b58717c84ad36cf5ac463a187c2743dd304a4fb
SHA512

9b18dca6f55b3f2855440a685f5110732d332f87507daa03ca905db2ea27a17b6522eb1b54c598e6382c430dd5eb13ecd647212a1e1c03838429f057b81d4065
SSDEEP

12288:KV+yd5U09SyqQDJcmZl9l2HsnbtPHuTHcA:M1SyfJ9ZlSGb4x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ʼǱwifiȵðװ.exe

Files

6a62f8bc9c60f687405433c82e80a9e2_JaffaCakes118
.zip
绿盟-首页.url
.url
ʼǱwifiȵðװ.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ʼǱwifiȵðװ.exe.config
.xml