8200df5ed5b0ef5e434e2ff8b41efdad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8200df5ed5b0ef5e434e2ff8b41efdad_JaffaCakes118
Size

2.2MB
MD5

8200df5ed5b0ef5e434e2ff8b41efdad
SHA1

13caa3c313dffbe893b04228766b5dcc6bbfdb66
SHA256

db0b38be8aac589c0fbe5b4e82f865c8580da4160d697ece6e0816e31b425d6c
SHA512

504dbff0a42599925a9b5eeeda5a5194da38d3f901dfcac670615c3e2a9843f623ee51a5b7b7a7b98a5d7275292c9e20f982be5acf812aefb2bf4129833d33dc
SSDEEP

49152:1AT+F01WDTcdxG60Lu7e4k5K1EhcBQ4Ltl6ILyQqVn4Q3SwfH:1su0EDgdxILZO1LtlJ24t+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HA_Cartoonist_V1.3.1.4/HA_Cartoonist_V1.3.1.4_SETUP_ata.exe

Files

8200df5ed5b0ef5e434e2ff8b41efdad_JaffaCakes118
.rar
HA_Cartoonist_V1.3.1.4/HA_Cartoonist_V1.3.1.4_SETUP_ata.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HA_Cartoonist_V1.3.1.4/新云软件.url
.url