39e10a4a6e1547193976f8e5af48470a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39e10a4a6e1547193976f8e5af48470a_JaffaCakes118
Size

2.8MB
MD5

39e10a4a6e1547193976f8e5af48470a
SHA1

e597006b894545791ab311d9df779100c643e337
SHA256

b5ad6e3a6a4cb0bf4d5377b1367ddab74baa8bbd59391a461a58f6a3e0d8332d
SHA512

30f9f7bb9598ade853deceeb0fd4a41eaeb3dfa70c40f8f0580c2f1c03c64c2823f110e6db17b82a31ebf55c6272bfcb470a4e124b282aa443200019d09a9dec
SSDEEP

49152:TZYViRFeA/oH14tY/wgbCPQ/ixPwGtRW/X1/OTPsOX1t3oKSzCYUzN+yig:TZdRFeAQH111bif9Xe/KBlXSeYURl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HA_Light_Artist_V1.5.1.5/HA_Light_Artist_V1.5.1.5_SETUP_ata.exe

Files

39e10a4a6e1547193976f8e5af48470a_JaffaCakes118
.rar
HA_Light_Artist_V1.5.1.5/HA_Light_Artist_V1.5.1.5_SETUP_ata.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HA_Light_Artist_V1.5.1.5/新云软件.url
.url