679d6870243e7a856df661d7baf7806a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

679d6870243e7a856df661d7baf7806a_JaffaCakes118
Size

286KB
MD5

679d6870243e7a856df661d7baf7806a
SHA1

5d2b00fea21c8dfdcf1af1f318df6e056c424cdb
SHA256

8fb9688a82a28cf6370a303fb0a4086850a2976a2875dc8e533c56df89446d40
SHA512

0cce829fc52bbbb3120e8318aa11eaa29a3d62cc15628afe30fe171673ab5f6e0e0b0414b2d609d0502f986ec78ab03e7dbb1148abcb96e2901073dbe88d8ae1
SSDEEP

6144:kUQO8To4yi0sqP48pjG8OIEkWkBn/pBpp9Z3PRh8MaTBpmIllMAm8tH:BQFpyiqfpqNABnZZ8tTfmIl1XH

Score

1^/10

Malware Config

Signatures

Files

679d6870243e7a856df661d7baf7806a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

Code Sign

36:49:a3:3f:b7:c3:42:8a:43:f8:f1:5f:c2:7d:f2:90
Certificate

Issuer

CN=Root Agency

Not Before

11/01/2009, 02:34

Not After

31/12/2039, 23:59

Subject

CN=zlhack.cn,O=neroxps,1.2.840.113549.1.9.1=#130c6e65726f2d3136332d636f6d

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

upx0
Size: - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

upx1
Size: 284KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

upx2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE