44c413f28a9c1458944c3e2f867c139e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44c413f28a9c1458944c3e2f867c139e_JaffaCakes118
Size

532KB
MD5

44c413f28a9c1458944c3e2f867c139e
SHA1

62fc10339978c14c095a65350a6dd13789b95c07
SHA256

7802437d7bae284c38508d8ae76d29eb83c6197d0986f7eef94623ff7cec7a65
SHA512

9d01a68fb531a98607269de1148774805fabf0572ac1edc5e9fc4dad901bc51923671d135b87cf1ad6f52a2221fb3b791421c5849d3fdc8ed3bda169d1316d23
SSDEEP

12288:GONtXgTnbJpXedT19JAX33cdIVy8H9wVphPcYD03E:Z5gTnFOjAXHnQ8aVphJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/feidalu_changweici_V1.2/飞达鲁长尾词查询V1.2.exe

Files

44c413f28a9c1458944c3e2f867c139e_JaffaCakes118
.rar
feidalu_changweici_V1.2/飞达鲁长尾词查询V1.2.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 9KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ