70457a7c7e063646332568e8909f13f5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

70457a7c7e063646332568e8909f13f5_JaffaCakes118
Size

984KB
MD5

70457a7c7e063646332568e8909f13f5
SHA1

65ab0056900425804e51bfca87a5ce65e34c7d58
SHA256

a88e9be5e9c248b9d84d98e87073297cf1c0421063ec49a29a74114cb31a7d84
SHA512

bf9d2e1b9285370ea2d73c36c88b872ebf679735c92e9096aa6e7c67d379f247a66f383d4830baf1b2d220d166a06cf73cc6f30be2a7516fcfaaffa5831ccd01
SSDEEP

24576:WniWbhbuWZxCf8u6vd8vUCBQ2dffkuVXjUm:WiW9bub8fGvL/XHXjUm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/jianfan_setup.exe

Files

70457a7c7e063646332568e8909f13f5_JaffaCakes118
.rar
jianfan_setup.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url