6c4c347357cc2f0d6253b665dd72d376_JaffaCakes118 | Triage

Sharing

General

Target

6c4c347357cc2f0d6253b665dd72d376_JaffaCakes118
Size

573KB
MD5

6c4c347357cc2f0d6253b665dd72d376
SHA1

8a10d29ec888b89d714cb65d492b96f5180c0ea3
SHA256

e86050876a7db7f5c26b9252f423fdc4cd252268031ea6b0db6cdc4eeb82d317
SHA512

2d39a1baf303a0a3345f31dbebc1b3cdc82bc46f76191b4d626c34230b6200ea53a1574687304f3c970ac2e114b720b40fa37025fad2050b8745049d17cc9c13
SSDEEP

12288:xAqMeOHMiv4+qg5bNsy2Ly++Q6HzN8g2lrrZ9lENPP/KafXgMbc:xAqtOswN5bc2++Q6OrVLENPlgMbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SoraApp/SoraApp.exe

Files

6c4c347357cc2f0d6253b665dd72d376_JaffaCakes118
.zip
IT猫扑网_百度搜索.url
.url
SoraApp/SoraApp.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
说明.txt