18644c68bc0af6b36fb69334554c3975_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18644c68bc0af6b36fb69334554c3975_JaffaCakes118
Size

31KB
MD5

18644c68bc0af6b36fb69334554c3975
SHA1

f8e63236c306aef82c5d8e269fe6ea1c3e18ad05
SHA256

4dc4b8df9feff593859432f7fc779ca752c3f4486f0f3d124e7d68caed5ef9ff
SHA512

4b3d9ed4910212afb06cf31fc3521abb3b2dcc9703ba42a65bb19ae8a703ce3e948ea5523358ce2afff16b860f3fb99b7810cccb75a1bdf1cac653b583ca6586
SSDEEP

768:WCv39IoLEUNtTXfAen+DBuGyl4amedhLi:WUTLx/n+DBuGyl4aVL

Score

1^/10

Malware Config

Signatures

Files

18644c68bc0af6b36fb69334554c3975_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

11:af:28:14:42:7f:82:ba:46:04:40:ca:66:6c:74:95
Certificate

Issuer

CN=Qizhi Software (beijing) Co. Ltd

Not Before

31/12/2007, 16:00

Not After

31/12/9998, 16:00

Subject

CN=Qizhi Software (beijing) Co. Ltd

61:5c:79:2c:42:fb:9b:ca:af:8a:27:22:dd:04:7f:27:34:f9:61:31
Signer

Actual PE Digest

61:5c:79:2c:42:fb:9b:ca:af:8a:27:22:dd:04:7f:27:34:f9:61:31

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.packed
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.packed
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE