2e296d0937b35c1bda8055ceb31d6413_JaffaCakes118 | Triage

Sharing

General

Target

2e296d0937b35c1bda8055ceb31d6413_JaffaCakes118
Size

330KB
MD5

2e296d0937b35c1bda8055ceb31d6413
SHA1

c5eb325019f9d303169c5db7065e9a4c9bcafd6c
SHA256

77ab2e742798c6d80703a5c67908b1711f51ad0ed8869ba5c5a33910c7c7a588
SHA512

8f5d8f89a749a7b99073c5983ad62a0df9bf3f9b0fd86fa51f3bac50120533bd7c596ec21d0ff181a779705e47729de34d93e0260fe3fa151095a2e547b2822c
SSDEEP

6144:4Yx098YiwKiOpeVXkeHCSPXsiUpBRIog9VnuOHfdSxaq/EHrQdVGPe0t3Rpr+mYH:JTx3eVbHx0ii1iVnuOHfGadrQK7t39YH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/hip21_cn_with gif.exe

Files

2e296d0937b35c1bda8055ceb31d6413_JaffaCakes118
.rar
COPYING
ReadME.txt
hip.htm
.html
hip.txt
hip21_cn_with gif.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Unpacked
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

By
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Winter
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Fixed
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
hip_en.exe
下载说明.htm
.html .js polyglot