778c0a3e5951b38045a56c90c53ec129_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

778c0a3e5951b38045a56c90c53ec129_JaffaCakes118
Size

268KB
MD5

778c0a3e5951b38045a56c90c53ec129
SHA1

ad902b1fe5abf473f94dd284ffa8d0ba1824c9f9
SHA256

77e0da4064a6eca944f96fa5f15c34f87c5bdddb9c7dd5ab499a5163f56a9620
SHA512

a6bb8537c28d225a5cc626869395a576127a18b861ca56be749754116d634d4345c40d7388326ea049d99476096433c74ed473d9ade4d7ae708bb45e834b1de7
SSDEEP

6144:AMdmpJ3t+czqJHGtqjU/7+V3UA2XCYP+xbYoJx4Yr:AMdmz3tcJmjD+OtXCYP0J+a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/pubwin EP CZ.exe

Files

778c0a3e5951b38045a56c90c53ec129_JaffaCakes118
.rar
)!双击导入.reg
pubwin EP CZ.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 269KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
下载使用说明.txt