6231482f1ec4f93fccd6ef250018d2db_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6231482f1ec4f93fccd6ef250018d2db_JaffaCakes118
Size

1.5MB
MD5

6231482f1ec4f93fccd6ef250018d2db
SHA1

e5434c7e56373b5351fa3477809116f9b8b0fe01
SHA256

076fe861ee50ae0bf17e13f8f70154d38fc3ad33aeda5343b601a2bf0a8c55f1
SHA512

10d5079c9ca536f5296b33ddbb1b11b4a61fd93d2bd30766794cc55a5ba2e73f76e94b7170d6f79b09d43f97fab9a77b7919c39a4e8e79ff86f641b5d26b0319
SSDEEP

24576:FUlTZcLdLBUbJrkuhO48DmsOHYcHw4whY0Il4EVt1y4TlmuX7IEuAumfc/:FOTmUlrkuODNOHYiw4efI+EFTZX8Eu28

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AutoOracle_client.exe

Files

6231482f1ec4f93fccd6ef250018d2db_JaffaCakes118
.rar
AutoOracle_client.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 390KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 81KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 726KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
help.chm
.chm
数据恢复软件,数据恢复服务以及工具 - 惠盾数据恢复.url
.url
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 390KB - Virtual size: 920KB

Size: 7KB - Virtual size: 16KB

Size: - Virtual size: 12KB

Size: - Virtual size: 12KB

Size: - Virtual size: 4KB

Size: - Virtual size: 4KB

Size: - Virtual size: 64KB

Size: 81KB - Virtual size: 304KB

.rsrc Size: 40KB - Virtual size: 44KB

Size: - Virtual size: 3.2MB

.data Size: 726KB - Virtual size: 728KB

.rsrc
Size: 40KB - Virtual size: 44KB

.data
Size: 726KB - Virtual size: 728KB