4cfcaf53adbf052242c384855c818f50_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4cfcaf53adbf052242c384855c818f50_JaffaCakes118
Size

430KB
MD5

4cfcaf53adbf052242c384855c818f50
SHA1

1576843cf51a16de4f9c81bf43b426e1f93379fa
SHA256

71749aa1e775939075e143bacade694b86b9d607f2f6e3abfbbd6eaadb8c77d3
SHA512

27521c42186ec4361e3d2071cd416d1336884e346f5ba6f31e5c17474d2586163eb108c8536ee10826e37777f352dc7f1929c154e47423cec38d4f024f73c77a
SSDEEP

12288:hAwLA0zOru7FR0FNrgo3ftk+lreRHdHjFoZbj/QUuIX:5AOz0FN8oVKRdRej/WIX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/viion/优藏.exe

Files

4cfcaf53adbf052242c384855c818f50_JaffaCakes118
.rar
viion/data/095b91c81686b44d664d676761ab60ba.ud
viion/data/38589f3a5b1e8e2eca835f956b204e0e.edt
viion/data/38589f3a5b1e8e2eca835f956b204e0e.ud
viion/data/42e7bc3715ff55cf6442b5d14ed2730a.ud
.gif
viion/data/d41d8cd98f00b204e9800998ecf8427e.ud
.gif
viion/data/d4b461cdad71494ad3b7b305ca98fbad.ud
viion/data/e227f4f20ccfc906f16934458da03057.ud
.gif
viion/优藏.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.nsp0
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 564KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viion/优藏官方博客.url
.url
viion/优藏简介.txt