31cb2adb3c65644ef9f7b73d5c35abd6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31cb2adb3c65644ef9f7b73d5c35abd6_JaffaCakes118
Size

17KB
MD5

31cb2adb3c65644ef9f7b73d5c35abd6
SHA1

baacb6c716fe2dce8a4389597507fd1b24274923
SHA256

b908568aee79946eeb41835f73534638880e471cfec886e97993474b3552a8fa
SHA512

d597673db01fa399f7b3ba5b203275e15d7636b5492b322864a79fe7013941bf0eaa7798221280e12b65af086e0a01a3e9f2fd7af25538f08af9f54fb82fa2cb
SSDEEP

384:+08DmcQ8dHpNiXZfuAJmru83pF7TZYWPuIEGJOFlN:+08DmcQ8dHpNi1uua71YWPm

Score

1^/10

Malware Config

Signatures

Files

31cb2adb3c65644ef9f7b73d5c35abd6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

Code Sign

11:af:28:14:42:7f:82:ba:46:04:40:ca:66:6c:74:95
Certificate

Issuer

CN=Qizhi Software (beijing) Co. Ltd

Not Before

31/12/2007, 16:00

Not After

31/12/9998, 16:00

Subject

CN=Qizhi Software (beijing) Co. Ltd

ef:96:50:79:e0:fd:9b:cc:ea:30:7b:37:fc:18:58:f8:07:8e:ba:17
Signer

Actual PE Digest

ef:96:50:79:e0:fd:9b:cc:ea:30:7b:37:fc:18:58:f8:07:8e:ba:17

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.packed
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.packed
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE