ae7a000e43f5a887a95d847b6059c677_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae7a000e43f5a887a95d847b6059c677_JaffaCakes118
Size

251KB
MD5

ae7a000e43f5a887a95d847b6059c677
SHA1

7abdb0e5e4bd3c489a0cc2c185a3f3adcd4db9fb
SHA256

15b693049475b6ab78fd974611fadd7d0f3dbec5d092a83444e6ec5a875b9470
SHA512

e8ba9a2487a027199b4032f4dae9137263105f9dea6f93e35d657cef4734549c66980c40f16e3dfe1eafbe9625c6cb938b1a07defe7d6402e7ab262736a843ca
SSDEEP

6144:+PJFcNUag90CeCRqRvd3v2xXc1IaJcf7MpDeMbM5JJs0sc:k6JOxanJLZbUJF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bdwpdljzclj/百度网盘短链转长链.exe

Files

ae7a000e43f5a887a95d847b6059c677_JaffaCakes118
.rar
bdwpdljzclj/下载说明.htm
.html
bdwpdljzclj/使用帮助(河东软件站).url
.url
bdwpdljzclj/使用说明.txt
bdwpdljzclj/百度网盘短链转长链.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: - Virtual size: 464KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 247KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE