7783529beb53f0c8857f1c1bbe19cf70_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7783529beb53f0c8857f1c1bbe19cf70_JaffaCakes118
Size

358KB
MD5

7783529beb53f0c8857f1c1bbe19cf70
SHA1

38936695e36c6170de2a8a3f50dc638b21ace8ed
SHA256

5c922a4d07b0a3a6b9999e28721bae198ee0d711ed72a84c276551e05cff54c8
SHA512

ac627ff260f9846a6c07efebb2e6bd4bfd47410fc7afb1f3f5c8d3b8989d4215763a4e6ed0656f115243acdaab1dfd903c03bcc1f7250e9c486e1ebe589d342a
SSDEEP

6144:Zl8Ow+QoP/HsdayzDsnSMbWaheu8HL1WwXnwZTKooSH/n3VbTOLWs:8OZHsEyXsnStazaXnwZTESHflbe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/QQLogin.exe

Files

7783529beb53f0c8857f1c1bbe19cf70_JaffaCakes118
.rar
QQLogin.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 764KB - Virtual size: 763KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
md5.txt
.js
新云软件.url
.url