3a61ba7912358d9a180c2983bfab369a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a61ba7912358d9a180c2983bfab369a_JaffaCakes118
Size

1.6MB
MD5

3a61ba7912358d9a180c2983bfab369a
SHA1

bf8dbce83a8c4595ac90f948832996e56fde4935
SHA256

bbb67dba6522fa409a93c69b678bfee039f5778cdb9b31e4b5cee4b8c4cc7893
SHA512

9147ed7566853e32c60f780def7c5753456ec7a49a29fdb3d680083fb751155d22fd9625532b0fa6e04e60ac199e7484241bd69faf7cdb78bac282dee8c7a305
SSDEEP

49152:JymLGGWSbktR3LYNgDpmFd87POYDj966+H8nKmrZmDRcZtzxnBEppMp:JpiOwRbYNOEMP1Djv+H5WYcZFxnS8p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/64219260/学生信息管理系统.exe

Files

3a61ba7912358d9a180c2983bfab369a_JaffaCakes118
.rar
64219260/DataE.DCA
64219260/DataE.Dsr
64219260/DataE.dsx
64219260/Library.mdb
64219260/MSSCCPRJ.SCC
64219260/Main.frm
.vbs
64219260/Main.frx
64219260/MainLibrary.frm
.vbs
64219260/MainLibrary.frx
64219260/Manage.frm
.vbs
64219260/Manage.frx
64219260/Manage.vbp
64219260/Manage.vbw
64219260/Register.frm
.vbs
64219260/Register.frx
64219260/frmBandR.frm
.vbs
64219260/frmBandR.frx
64219260/mdlMain.bas
64219260/mdlVar.bas
.vbs
64219260/下载说明.htm
.html .js polyglot
64219260/学生信息管理系统.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ