2d80c4d929dd3664d41500117c2a6b26_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d80c4d929dd3664d41500117c2a6b26_JaffaCakes118
Size

1.3MB
MD5

2d80c4d929dd3664d41500117c2a6b26
SHA1

e4accedcb8379b136c1e78bd3425821150b48dc4
SHA256

36e9b808b2c9f490fcd3e8a13719635e50829b7a354a27fc4b717f64d043ead0
SHA512

e5e1881e6ab2645ced2a59e16e5c315ecdb6411f90485437298ff158d9f34eee447d6eee75fc6b317fdc63e92e50145993db9ef91118222810a1aa1ba3a041da
SSDEEP

24576:EEiJH9YTTe0pTOlzqrxAKyJiIOOkCGRzed3N40H2NgFarqE79MyIQB+FsvjbTuR1:EEiJHau0pTEurvEmiIzed3N40Hhazq37

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Keygen.exe

Files

2d80c4d929dd3664d41500117c2a6b26_JaffaCakes118
.rar
Keygen.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

ORN0
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ORN1
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ORiON.rar
.rar .zip polyglot
fuldsk53.zip
.zip
DATA.TAG
License.txt
Readme.txt
SETUP.EXE
SETUP.INI
Setup.Ins
_INST32I.EX_
_ISDEL.EXE
_SETUP.DLL
_sys1.cab
_user1.cab
data1.cab
lang.dat
layout.bin
os.dat
setup.lid
file_id.diz
下载说明.htm
.html .js polyglot