b64fb6bad4f610f7d839af97b1e1331c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b64fb6bad4f610f7d839af97b1e1331c_JaffaCakes118
Size

271KB
MD5

b64fb6bad4f610f7d839af97b1e1331c
SHA1

d9bb127ad8bdbe7cab09a925979e2cebc9696cf9
SHA256

1fdbd189e309fc6e324ccc0dfb38048556ce614f8bc68b530c6132b20ea7e58e
SHA512

8bfea0310f9e2f7d64786747dcc19878504be356db05ca75e127918702aeefc3d1e9be47f6cd0cb2df1a6a515a2df29d3a0e1b3b6871dfcb5ee4e78ec95faeaa
SSDEEP

6144:QhM2aejcT/p/3lzh0qDgZUZYIX53IMndf5OzwlmEBsjeWSiIwnsi4ZWeSH//a:QRaeYT/pN1YIXxIMd2WmqI8i4ZAC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/反后坐力.exe

Files

b64fb6bad4f610f7d839af97b1e1331c_JaffaCakes118
.rar
去脚本之家看看.url
反后坐力.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.textbss
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 307KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 160B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
服务器软件.url