7879d9afb4d173e88b3c0ef3ae3e03f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7879d9afb4d173e88b3c0ef3ae3e03f7_JaffaCakes118
Size

2.5MB
MD5

7879d9afb4d173e88b3c0ef3ae3e03f7
SHA1

e4152458c16c56045491284730da047be477fe85
SHA256

7f182b3414e6c52ffe6ee4515e2e1e3ca500a9718b04caba7017a5752e3df2bd
SHA512

78aa8c844c681cde1c87eec4ffd39e47f5ad58b742d9a166c7ec8c582180741fbc26a134e9e8d636367aaccbfab816af882cc2887443967ecbe01d6befe9ca03
SSDEEP

49152:2UDAczzWhY/f5MW3hHpig/Iz9+/qxfZqlJz0KxO1Y+2TU27iU80NM5eGtee6:VAczzWhY/13hJF/IzQ/YUJzromii6Hg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Enterdesk-v2.1.exe

Files

7879d9afb4d173e88b3c0ef3ae3e03f7_JaffaCakes118
.rar
Enterdesk-v2.1.exe
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url