358b3e53416b98dfc3e8182594205839_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

358b3e53416b98dfc3e8182594205839_JaffaCakes118
Size

26.3MB
MD5

358b3e53416b98dfc3e8182594205839
SHA1

70def20dc5e557f385da4fef7abbfa6d42438856
SHA256

a34e1c8366aaf73778a5fbc67725ac345242890059f0f272bd4433b3e92eedc2
SHA512

ae50548543e61454b6df0df44de3581ec87a606ce078977dcc05ee3a9a4a161cdd10ac92570018ee0d99ab44dd6b4342a42c17285d11eeeb6b72b6fc75760560
SSDEEP

786432:FTo368ztCBD85TJ1ApR28/TGWUn7eFeU5bvvx8hVIydhauu:FU36AcN8RJgR28LJUn7efBJyjq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Moying-v2.05.exe

Files

358b3e53416b98dfc3e8182594205839_JaffaCakes118
.rar
Moying-v2.05.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 487KB - Virtual size: 486KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url