1a6d7a7b6adbf9c501c9f95ed36ba00c_JaffaCakes118 | Triage

Sharing

General

Target

1a6d7a7b6adbf9c501c9f95ed36ba00c_JaffaCakes118
Size

3.2MB
MD5

1a6d7a7b6adbf9c501c9f95ed36ba00c
SHA1

72a6c3bdc267011fa1dc2306e479de3a87a5cfba
SHA256

19bc6acdad36a0eb5f2e5d6d3f07baa961c34a7f1b11355cd6fa24656dc9da6b
SHA512

fb3a97ca56d2996e5c9798b0473123dee0d3a75e00f8cb289435d3db9b690d7113a1f2c3202820786eb302cb0de0c72fa5231ce311f02a8b6b555aa6ed7253aa
SSDEEP

98304:0EH2qx7M9mCGeNDoSfYxiYLhtvvSYYBkaHL3:/H21B5BDsNBvTY+aHL3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/setup.exe

Files

1a6d7a7b6adbf9c501c9f95ed36ba00c_JaffaCakes118
.rar
readme.txt
setup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot