23c5429d14b3f9ab5388a654b8596575_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23c5429d14b3f9ab5388a654b8596575_JaffaCakes118
Size

1.6MB
MD5

23c5429d14b3f9ab5388a654b8596575
SHA1

02236096f722c77583f796c405bb8809df2fb85a
SHA256

f8af9247e2044cb1d8e4a54ff67e354bc6f8335298c791833ae235272bc95bbd
SHA512

3429161a830be3d8013746bb60f5f3d03300d2c43e7f36bef02758d0cd45f564893b8cf542dce1b8ee0055341b1d06674001503ec481595745914315bfa8d5af
SSDEEP

49152:EU//pC7Zw/edvs4RvnLK9eysMwGuStELeo:EK47Zwss4F+9eEdZECo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/淘宝及时通移动旺旺.exe

Files

23c5429d14b3f9ab5388a654b8596575_JaffaCakes118
.rar
新云软件.url
.url
淘宝及时通移动旺旺.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 21KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
说明.txt