35fe0aacaef7734c6972b5f5f81ac265_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35fe0aacaef7734c6972b5f5f81ac265_JaffaCakes118
Size

1.6MB
MD5

35fe0aacaef7734c6972b5f5f81ac265
SHA1

803d586178efaa6bcbd921af7718a4e7b0eded87
SHA256

382d6480582ce331510de20ca10c8e7bc0d5f17990fbbd7a48f9f3124b6f6e2c
SHA512

136da0b29208095c2a2fd72f0076012b6888486f8c61d2cebdfcaa30168dbb0070fbf54efd6ce32bbce7dfd06c2f065d7e1b0ddead61ea868143f8a167d9575d
SSDEEP

49152:CgzrrevoNfRmJXz85yMph6XF+u8ypsyLUFK:Cgz9pmhYsQ0XF+ufdLUo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/NetTransport/NXSetup.exe

Files

35fe0aacaef7734c6972b5f5f81ac265_JaffaCakes118
.rar
NetTransport/NXSetup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
NetTransport/下载说明.htm
.html .js polyglot
NetTransport/非常世纪资源网.url
.url