833c3ab1b8beb0e8a075e496ca955a7d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

833c3ab1b8beb0e8a075e496ca955a7d_JaffaCakes118
Size

1.5MB
MD5

833c3ab1b8beb0e8a075e496ca955a7d
SHA1

c70388dac0f8e0d09365c559f43c16c797bf51d8
SHA256

4ebeebfd1e8842376d90791b0bda1426352f97b1daf356d5c55194cfc17a81b0
SHA512

aca81b724e1d3f434a8b3ee13e4e0ac61a2c7ff0e63ff430df54b4a0cd8403d46e876b79ed0f95b349a3d66aeb26fe7f3b796158d7790a0bbf6a16ec571b2a78
SSDEEP

24576:sgN3JlJeYqE/zdUDtAlT/1SMecHB6GxcgsLNMM05iNZFSGzcRs1XSA773vf0qOM:s4lJFqwxUDo1SA6vV0W3NiA7Dv5B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SWF Encryptor v9.0/SWF Encryptor v9.0.exe

Files

833c3ab1b8beb0e8a075e496ca955a7d_JaffaCakes118
.rar
SWF Encryptor v9.0/SWF Encryptor v9.0.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 767KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SWF Encryptor v9.0/新云软件.url
.url
SWF Encryptor v9.0/视频教程.wmv