443c12476791f0020ab0ed67a1c8a08f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

443c12476791f0020ab0ed67a1c8a08f_JaffaCakes118
Size

20KB
MD5

443c12476791f0020ab0ed67a1c8a08f
SHA1

d8e7060f4d62c25806659b4ecf2193d082a87c0c
SHA256

6ee415ea12ce1dd58b09c25db31a04292fff0c27e192b93b7b2a2a3b76c66866
SHA512

6f36476d5fa789e98a6745a96d5e43e16553bc5e57cfd200dbe2351a19dbe629d7c545e254fd266972a5a53c8cbacb3c2f3c9e6dc73004bd1afd35b16890f3a7
SSDEEP

384:d0nrfRUwYwdTAnJe39OYb2D+NvW8VbaEsbetx9XhAt73mrB5uIJYI:EKoCYb2o+8VxsKtx9a565rJYI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/iis110monfree.exe

Files

443c12476791f0020ab0ed67a1c8a08f_JaffaCakes118
.rar
config.ini
iis110monfree.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
iismonlog.mdb
iismonlogbak.mdb
安装说明.txt
新云软件.url
.url