42b55fc91312b9502a4da81092603299_JaffaCakes118 | Triage

Sharing

General

Target

42b55fc91312b9502a4da81092603299_JaffaCakes118
Size

4.2MB
MD5

42b55fc91312b9502a4da81092603299
SHA1

269c2da33db3523c9f94bdd910befd880ad05279
SHA256

ac645fa7e24f32f31802d6d7f199757222447afc43e70968d7a67dae23c2f2b4
SHA512

2bf4bb379a8c3513c5cb2cf750c289fddddcd54758ff61b4c0e0e677e001d25cbfecd2f9c83cc11fb67b393fe221c1e0b9c6c992db37a709ba0978b8b81f5375
SSDEEP

98304:2z0cB52ZFrvQrYBec2LPbQZ8W9zt/4YKmGy5jqp8tQbadcSoBOzpC0korV3I:SrrUrRtAkWyiYdGOqFFH0pd/J3I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Z_Admin1.05/Z_Admin.exe

Files

42b55fc91312b9502a4da81092603299_JaffaCakes118
.rar
Z_Admin1.05/Help.chm
.chm
Z_Admin1.05/QQWry.dat
Z_Admin1.05/Z_Admin.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 421KB - Virtual size: 968KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 458KB - Virtual size: 612KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1234567
Size: 653KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.texts
Size: 512B - Virtual size: 512B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Z_Admin1.05/新云软件.url
.url
Z_Admin1.05/说明.txt